Navigation
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
[edit security ipsec] Hierarchy Level
security {ipsec {internal {security-association sa-name {manual {... same statements as at the [edit security ipsec security-association sa-name manual] hierarchy level ...}}}policy ipsec-policy-name {description text-description;perfect-forward-secrecy {keys (group1 | group2 | group5);}proposal-set (basic | compatible | standard);proposals [ proposal-names ];}proposal ipsec-proposal-name {authentication-algorithm (hmac-md5-96 | hmac-sha1-96);description text-description;encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);lifetime-seconds seconds;protocol (ah | bundle | esp);}security-association sa-name {description text-description;dynamic {ipsec-policy policy-name;replay-window-size (32 | 64);}manual {direction (bidirectional | inbound | outbound) {authentication {algorithm (hmac-md5-96 | hmac-sha1-96);key (ascii-text key | hexadecimal key);}auxiliary-spi spi-index;encryption {algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);key (ascii-text key | hexadecimal key);}protocol (ah | bundle | esp);spi spi-index;}}mode (transport | tunnel);}traceoptions {flag flag;}vpn vpn-name {bind-interface interface-name;df-bit (clear | copy | set);establish-tunnels (immediately | on-traffic);ike {gateway gateway-name;idle-time seconds;install-interval seconds;ipsec-policy policy-name;no-anti-replay;proxy-identity {local ip-prefix</prefix-length>;remote ip-prefix</prefix-length>;service service-name;}}manual {authentication {algorithm (hmac-md5-96 | hmac-sha1-96);key (ascii-text key | hexadecimal key);}encryption {encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);key (ascii-text key | hexadecimal key);}external-interface interface-name;gateway address;protocol (ah | esp);spi spi-index;}vpn-monitor {destination-ip address;optimized;source-interface interface-name;}vpn-monitor-options {interval seconds;threshold failures;}}}}
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
Published: 2013-07-31
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, QFX, SRX, T Series
- [edit security] Hierarchy Level
