Configuring the Interface Identifier for IPsec Dynamic Endpoint Tunnels
You can configure an interface identifier for a
group of dynamic peers, which specifies which adaptive services logical
interface(s) take part in the dynamic IPsec negotiation. By assigning
the same interface identifier to multiple logical interfaces, you
can create a pool of interfaces for this purpose. To configure, include
the ipsec-interface-id statement at the [edit interfaces interface-name] hierarchy level:
[edit interfaces sp-fpc/pic/port] unit logical-unit-number { dial-options { ipsec-interface-id identifier; (shared | dedicated); } }
Specifying the interface identifier in the dial-options statement makes this logical interface part of
the pool identified by the IPsec interface identifier.
Only one interface identifier can be specified
at a time. You can include the ipsec-interface-id statement
or the l2tp-interface-id statement, but not both simultaneously.
The shared statement enables one logical
interface to be shared across multiple tunnels. The dedicated statement specifies that the logical interface is associated with
a single tunnel, which is necessary when you are configuring an IPsec
link-type tunnel. You must include the dedicated statement
when you specify an ipsec-interface-id value.