Statement introduced in Junos OS Release 8.5.
Statement supported at hierarchy [edit logical-systems name tenants name security alg tenant] in Junos OS Release 18.3R1.
Configure Application Layer Gateway (ALG) for Internet Key Exchange (IKE) and Encapsulating Security Payload (ESP) traffic with Network Address Translation (NAT).
Enable —Enable the IKE-ESP ALG.
esp-gate-timeout seconds—Set the timeout for the ESP gates created after an IKE Phase 2 exchange has completed.
Range: 2 through 30 seconds.
Default: 5 seconds.
esp-session-timeout seconds—Set the idle timeout for the ESP sessions created from the IPsec gates.
Range: 60 through 2400 seconds.
Default: 1800 seconds.
state-timeout seconds—Set the timeout for the ALG state information.
Range: 180 through 86,400 seconds.
Default: 14,400 seconds.
traceoptions—Set the IKE-ESP ALG trace options.
flag —Specify which tracing operation to perform.
all—Trace all operations.
extensive—Set trace verbosity level to extensive.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.