local ip address

Syntax

From L2TP Destination Profile Host Configuration mode:

local ip address ipAddress

no local ip address

From IPsec Transport Profile Configuration mode:

[ no ] local ip address transportIpAddress

From IPsec Tunnel Profile Configuration mode:

local ip address transportIpAddress { pre-share keyString
| pre-share-masked maskedKeyString }

no local ip address

Release Information

Command introduced before JunosE Release 7.1.0.
IPsec Tunnel Profile Configuration mode added in JunosE Release 7.3.0.

Description

From L2TP Destination Profile Host Configuration mode, configures a local IP address for use with a remote host. The no version removes the local IP address from use with a remote host.

From IPsec Transport Profile Configuration mode, specifies the local endpoint of the IPsec transport connection. It also enters Local IPsec Transport Profile Configuration mode. The no version deletes the local IP address.

From IPsec Tunnel Profile Configuration mode, specifies the given local IP address as a server address. The router continues to monitor UDP port 500 for incoming user login requests (that is, IKE source address negotiations). When using global preshared keys, consider the following points:

• Global preshared keys enable a group of users to share a single authentication key. Using a shared key for a group of users simplifies the administrative job of setting up keys. However, changing or removing a preshared key for one user (for security reasons) affects other users with the same key.
• Specific keys for individual users take precedence over global keys assigned to the same user. In other words, if a user has both an assigned specific key and a global key that user must use the specific key or authentication fails.
• Avoid specifying the same local endpoint and virtual router in the same profile. Local endpoint and virtual router values override each other. The last value set in the profile is the value used.
  

The no version causes the router to stop monitoring UDP port 500 for user requests and removes any preshared key associations with the local IP address.

Options

• ipAddress—IP address used in packets sent to the LAC
• transportIpAddress—Local endpoint for the IPsec transport connection
• keyString—Key value in ASCII format
• maskedKeyString—Key value in ascii format

Mode

IPsec Transport Profile Configuration, IPsec Tunnel Profile Configuration, L2TP Destination Profile Host Configuration

Related Documentation

• Defining the Server IP Address
• ipsec transport profile
• ipsec tunnel profile
• remote host
• show ipsec transport profile
• show ipsec tunnel profile
• show l2tp destination profile