clients (Security)
Syntax
clients configuration-name {
ipsec-vpn vpn-name;
remote-exceptions ip-address/mask;
remote-protected-resources ip-address/mask;
user username;
user-groups user-group-name;
}
Hierarchy Level
[edit security dynamic-vpn]
Description
Create a client configuration for the dynamic VPN feature. Within the configuration, specify a name for the configuration, reference a standard VPN configuration to use for IPsec negotiations, specify which resources to protect, define any exceptions, and list the users to which the dynamic VPN configuration applies.
In Junos OS Release 21.4R1, we’ve deprecated the clients
configuration statement and we might remove it completely in a future release.
Options
| configuration-name | Name of the client configuration. |
| ipsec-vpn | Use this statement to specify which IPsec VPN configuration the dynamic VPN feature should use to secure traffic. |
| remote-exceptions | Use this statement to specify exceptions to the remote protected resources list for the specified dynamic VPN configuration. Traffic to the specified IP address will not go through the dynamic VPN tunnel and therefore will not be protected by the firewall’s security policies. |
| remote-protected-resources | Use this statement to specify which resources to protect using the dynamic VPN feature. Traffic to the protected resource will go through the specified dynamic VPN tunnel and will therefore be protected by the firewall’s security policies. |
| user | Specify which users can access the selected dynamic VPN configuration. |
| user-group | Specify which users can access the selected dynamic VPN configuration. |
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.5.
Statement user-groups introduced in Junos OS Release
12.1X44-D10.