The /etc/inet/ike/ikev2.config configuration file contains the configuration for the in.ikev2d daemon. The configuration consists of a number of rules. Each entry contains parameters such as algorithms and authentication data that this system can use with a similarly configured IKEv2 peer.
The in.ikev2d daemon supports preshared keys (PSK) and public key certificates for identity.
The ikev2.config(4) man page provides sample rules. Each rule must have a unique label. The following is a list of the descriptive labels of sample rules from the man page:
IP identities and PSK auth
IP address prefixes and PSK auth
IPv6 address prefixes and PSK auth
Certificate auth with DN identities
Certificate auth with many peer ID types
Certificate auth with wildcard peer IDs
Override transforms
Mixed auth types
Wildcard with required signer