    rule

    Syntax

    rule rule-name {
        match-direction (input | output);
        term term-name {
            from {
                destination-address address;
                ipsec-inside-interface interface-name;
                source-address address;
            }
            then {
                anti-replay-window-size bits;
                backup-remote-gateway address;
                clear-dont-fragment-bit;
                dynamic {
                    ike-policy policy-name;
                    ipsec-policy policy-name;
                }
                initiate-dead-peer-detection;
                manual {
                    direction (inbound | outbound | bidirectional) {
                        authentication {
                            algorithm (hmac-md5-96 | hmac-sha1-96);
                            key (ascii-text key | hexadecimal key);
                        }
                        auxiliary-spi spi-value;
                        encryption {
                            algorithm algorithm;
                            key (ascii-text key | hexadecimal key);
                        }
                        protocol (ah | bundle | esp);
                        spi spi-value;
                    }
                }
                no-anti-replay;
                remote-gateway address;
                syslog;
                tunnel-mtu bytes;
            }
        }
    }

    Hierarchy Level

    [edit services ipsec-vpn]
    [edit services ipsec-vpn rule-set rule-set-name]

    Release Information

    Statement introduced before Junos OS Release 7.4.

    Description

    Specify the rule the router uses when applying this service.

    Options

    rule-name—Identifier for the collection of terms that comprise this rule.

    The remaining statements are explained separately.

    Usage Guidelines

    See Configuring Match Direction for IPsec Rules.

    Required Privilege Level

    interface—To view this statement in the configuration.

    interface-control—To add this statement to the configuration.

    Published: 2013-11-18