[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

vpn

Syntax

vpn vpn-name ;
bind-interface interface-name ;
df-bit (clear | copy | set);
establish-tunnels (immediately | on-traffic);
ike {
gateway gateway -name ;
idle-time seconds ;
install-interval seconds ;
ipsec-policy ipsec-policy-name ;
no-anti-replay;
proxy-identity {
local ipv4-prefix ;
remote ipv4-prefix ;
service service-name ;
}
}
manual {
authentication {
algorithm (hmac-md5-96 | hmac-sha1-96);
key (ascii-text key | hexadecimal key );
}
encryption {
algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);
key (ascii-text key | hexadecimal key );
}
external-interface external-interface-name ;
gateway ip-address ;
protocol (ah | esp);
spi spi-value ;
}
vpn-monitor {
destination-ip ip-address ;
optimized;
source-interface interface-name ;
}

Hierarchy Level

[edit security ipsec]

Release Information

Statement introduced in Release 8.5 of JUNOS software.

Description

Configure an IPsec VPN.

This statement is supported on J-series and SRX-series devices.

Options

vpn-name —Name of the VPN.

The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]