Syntax
distinguished-name <container container-string> <wildcard wildcard-string>
Hierarchy Level
[edit security ike gateway gateway-name dynamic]
Description
Specify a distinguished name as the
identifier for the remote gateway with a dynamic IP address.
Options
| container-string |
DN
field and value to be matched. For example, cn=admin, ou=eng, o=example, dc=net. Specify one
or more distinguished name (DN) field and value pairs that must match
the DN in the VPN peer’s digital certificate. The order of the
fields and their values must exactly match the DN in the peer’s
digital certificate.
Add a space between each field and value pair. For example, edit security ike gateway jsr_gateway dynamic distinguished-name
container o=example, dc=net.
|
| wildcard-string |
DN
field and value pairs to be matched. For example, cn=admin, ou=eng, o=example, dc=net. Specify one
or more distinguished name (DN) field and value pairs that must match
the DN in the VPN peer’s digital certificate. The configured
field and value must match the DN in the peer’s digital certificate
but the order of the fields in the DN does not matter.
Add a space between each field and value pair. For example, edit security ike gateway jsr_gateway dynamic distinguished-name
wildcard o=example, dc=net.
Starting in Junos OS Release 19.4R1, you can now configure only
one dynamic DN attribute among container-string and wildcard-string at [edit security ike gateway gateway_name dynamic distinguished-name] hierarchy.
If you try configuring the second attribute after you configure the
first attribute, the first attribute is replaced with the second attribute.
Before your upgrade your device, you must remove one of the attributes
if you have configured both the attributes.
|
Required Privilege Level
security—To view this statement
in the configuration.
security-control—To
add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release
8.5.
