Navigation
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, SRX, T Series
- [edit services] Hierarchy Level
[edit services ipsec-vpn] Hierarchy Level
services {ipsec-vpn {clear-ike-sas-on-pic-restart;clear-ipsec-sas-on-pic-restart;establish-tunnels (immediately | on-traffic);ike {policy policy-name {description description;local-certificate identifier;local-id (fqdn domain-name | ipv4_addr ipv4-address | ipv6-addr ipv6-address | key-id identifier);mode (aggressive | main);pre-shared-key (ascii-text key | hexadecimal key);proposals [ proposal-names ];remote-id {(any-remote-id | one or more of the following four statements);fqdn [ domain-names ];ipv4_addr [ ipv4-addresses ];ipv6-addr [ ipv6-addresses ];key-id [ identifiers ];}}proposal proposal-name {authentication-algorithm (md5 | sha1 | sha256);authentication-method (dsa-signatures | pre-shared-keys | rsa-signatures);description description;dh-group (group1 | group2 | group5 | group14);encryption-algorithm algorithm;lifetime-seconds seconds;}}ipsec {policy policy-name {description description;perfect-forward-secrecy {keys (group1 | group2);}proposals [ proposal-names ];}proposal proposal-name {authentication-algorithm (hmac-md5-96 | hmac-sha1-96);description description;encryption-algorithm algorithm;lifetime-seconds seconds;protocol (ah | esp | bundle);}}no-ipsec-tunnel-in-traceroute;rule rule-name {match-direction (input | output);term term-name {from {destination-address address;ipsec-inside-interface interface-name;source-address address;}then {anti-replay-window-size bits;backup-remote-gateway address;clear-dont-fragment-bit;dynamic {ike-policy policy-name;ipsec-policy policy-name;}initiate-dead-peer-detection;manual {... the manual subhierarchy appears after the main [edit services ipsec-vpn ipsec rule rule-name term term-name then] hierarchy level ...}no-anti-replay;remote-gateway address;syslog;tunnel-mtu bytes;} then {manual {direction (inbound | outbound | bidirectional) {authentication {algorithm (hmac-md5-96 | hmac-sha1-96);key (ascii-text key | hexadecimal key);}}auxiliary-spi spi-value;encryption {algorithm algorithm;key (ascii-text key | hexadecimal key);}protocol (ah | bundle | esp);spi spi-value;}}}}}rule-set rule-set-name {rule rule-name;}traceoptions {file <filename> <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;flag flag;level level;no-remote-trace;}}}
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, SRX, T Series
- [edit services] Hierarchy Level
Published: 2013-07-31
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
- EX, J, M, MX, SRX, T Series
- [edit services] Hierarchy Level
