Navigation
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
[edit security group-vpn] Hierarchy Level
security {group-vpn {co-location;member {ike {gateway gateway-name {address [ ip-addresses-or-hostnames ];ike-policy policy-name;local-address ip-address;local-identity (distinguished-name | hostname hostname | inet ipv4-address | user-at-hostname e-mail-address);}policy name {certificate {local-certificate identifier;peer-certificate-type (pkcs7 | x509-signature);trusted-ca (ca-index | use-all);}description description-string;mode (aggressive | main); pre-shared-key (ascii-text text | hexadecimal hexadecimal-number);proposal-set (basic | compatible | standard);proposals [ proposal-names ];}proposal proposal-name {authentication-algorithm (md5 | sha-256 | sha1);authentication-method (pre-shared-keys | rsa-signatures);description description-string;dh-group (group1 | group2 | group5);encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);lifetime-seconds seconds;}}ipsec {vpn vpn-name {group id-number;group-vpn-external-interface interface-name;heartbeat-threshold number;ike-gateway gateway-name;}}}server {group group-name {activation-time-delay seconds;anti-replay-time-window seconds;description description-string;group-id number;ike-gateway gateway-name;ipsec-sa security-association-name {match-policy policy-name {destination ip-address</prefix-length>;destination-port port-number;protocol protocol-number;source ip-address</prefix-length>;source-port port-number;}proposal name;match-policy policy-name {destination ip-address</prefix-length>;destination-port port-number;protocol protocol-number;source ip-address</prefix-length>;source-port port-number;}}}no-anti-replay;server-address ip-address;server-member-communication {certificate certificate-id;communication-type (multicast | unicast);encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);heartbeat seconds;lifetime-seconds seconds;multicast-group group-address;multicast-outgoing-interface interface-name;number-of-retransmission number;retransmission-period seconds;sig-hash-algorithm (md5 | sha1);}}ike {gateway gateway-name {address (ip-address | hostname);dynamic {distinguished-name {container text-string; wildcard text-string;}hostname hostname;inet ipv4-address;user-at-hostname e-mail-address;}ike-policy name;local-identity {distinguished-name;hostname hostname;inet ipv4-address;user-at-hostname e-mail-address;}}policy name {certificate {local-certificate identifier;peer-certificate-type (pkcs7 | x509-signature);trusted-ca (ca-index | use-all);}description description-string;mode (aggressive | main); pre-shared-key (ascii-text text | hexadecimal hexadecimal-number);proposal-set (basic | compatible | standard);proposals [ proposal-names ];}proposal name {authentication-algorithm (md5 | sha-256 | sha1);authentication-method (pre-shared-keys | rsa-signatures);description text;dh-group (group1 | group2 | group5);encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);}}ipsec {proposal name {authentication-algorithm (hmac-md5-96 | hmac-sha1-96);description description-string;encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);lifetime-seconds seconds;}}traceoptionsfile <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;flag flag;no-remote-trace;}}}}
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
Published: 2013-07-31
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
