crypto-ikev1/ikev2-peer commands

Sets a IKEv1/IKEv2 peer‘s local identity. This local identifier is used with this peer configuration for an IKE exchange with the target VPN IPSec peer.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


localid [address|autogen-uniqueid|dn|email|fqdn|string]
localid [address <IP>|autogen-uniqueid <WORD>|dn <WORD>|email <WORD>|fqdn <WORD>| string <WORD>]


localid [address <IP>|dn <WORD>|email <WORD>|fqdn <WORD>|string <WORD>]
address <IP> Configures the peer‘s IP address. The IP address is used as local identity.
autogen-uniqueid <WORD> Generates a localid using the device's unique identity. The system prefixes the device's unique identity to the string provided here. The device‘s unique identity should be existing and configured. For more information on configuring a device‘s unique identity, see autogen-uniqueid.
  • <WORD> – Provide the string.
dn <WORD> Configures the peer‘s distinguished name. (for example, "C=us ST=<state> L=<location> O=<organization> OU=<org unit>". The maximum length is 128 characters.
email <WORD> Configures the peer‘s e-mail address. The maximum length is 128 characters.
fqdn <WORD> Configures the peer‘s FQDN. The maximum length is 128 characters.
string <WORD> Configures the peer‘s identity string. The maximum length is 128 characters. This is the default setting.


nx9500-6C8809(config-profile-default-rfs4000-ikev1-peer-peer1)#localid email bob@examplecompany.com

nx9500-6C8809(config-profile-default-rfs4000-ikev1-peer-peer1)#show context
 crypto ikev1 peer peer1
  ip address
  localid email bob@examplecompany.com