Navigation
ipsec (Security)
Syntax
ipsec {security-association {manual {direction (bidirectional | inbound | outbound) {protocol esp;spi spi-value;encryption {algorithm 3des-cbc;key ascii-text ascii-text-string;}}}}policy ipsec-policy-name {perfect-forward-secrecy {keys (group1 | group2);}proposals [ proposal-names ]; }proposal ipsec-proposal-name {authentication-algorithm (hmac-md5-96 | hmac-sha1-96);encryption-algorithm (3des-cbc | des-cbc); lifetime-seconds seconds; protocol (ah | esp | bundle); }security-association name {dynamic {ipsec-policy policy-name;replay-window-size (32 | 64);}manual {direction (inbound | outbound | bi-directional) {authentication {algorithm (hmac-md5-96 | hmac-sha1-96); key (ascii-text key | hexadecimal key); }auxiliary-spi auxiliary-spi-value;encryption {algorithm (des-cbc | 3des-cbc); key (ascii-text key | hexadecimal key);}protocol (ah | esp | bundle); spi spi-value; }}mode (tunnel | transport);}traceoptions {file <files number> < size size>;flag all;flag database;flag general;flag ike;flag parse;flag policy-manager;flag routing-socket;flag timer;}}
Hierarchy Level
[edit security]
Release Information
Statement introduced before Junos OS Release 7.4.
Description
(Encryption interface on M Series and T Series routers only) Configure IPsec.
Options
The remaining statements are explained separately.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
