isakmp local identity

To determine the local endpoint configuration by specifying the identity used by the router when participating in the Internet Key Exchange (IKE) protocol, use the isakmp local identity command in Crypto Map Mode. It configures local identity type and its value to be used in IKE Phase 1. The type can be IP address, email, fqdn, dn or key id.

isakmp local identity

isakmp local identity { {dn <string>| } { email <string>| } { fqdn <string>| } { ipv4<string> | } { ipv6<string> | } { keyId <string>} }

Parameters

Parameter Type Description
local identity   Enter for endpoint configuration
dn <string>   Specify domain name for local identity value. Support for X.509 certificates is also available.
email<string>   Specify email address for local identity value.
fqdn<string>   Specify fully Qualified Domain Name for local identity value.
ipv4<string>   Specify IPv4 address related information for local identity value
ipv6<string>   Specify IPv6 address related information for local identity value.
<keyId <string>   Specify key Identifier related information for local identity value.

Mode

Crypto Map Configuration Mode

Examples

iS5comm # configure terminal

iS5comm (config)# crypto map cybsec

iS5comm (config)# isakmp local identity dn 1

iS5comm (config)# isakmp local identity dn “C=CA, ST=ON, L=Miss, O=iS5, OU=SW, CN=r1”

Parent topic: IPSec Local and Peer End Points Configuration