Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All



    extended-authentication { none | pap | chap } [ re-authenticate ]
    [ skip-peer-config ]

    no extended-authentication

    Release Information

    Command introduced in JunosE Release 7.3.0.


    Specifies the extended user authentication protocol for use during the extended user authentication protocol exchange. The no version restores the default protocol, pap.


    • none—Specifies that no extended authentication is performed
    • pap—Specifies the use of PAP protocol for extended authentication
    • chap—Specifies the use of CHAP protocol for extended authentication
    • re-authenticate—Enables reauthentication when IKE SA rekeying occurs. When this option is enabled, rekeying of IKE SAs uses the initial authentication protocol to reauthenticate the user. When this option is disabled, authentication is only performed at the first IKE SA establishment. Subsequent IKE SAs rekey operations inherit the initial authentication and do not reauthenticate users. For maximum security, enable reauthentication.
    • skip-peer-config—Disables configuration of peer IP characteristics


    IPsec Tunnel Profile Configuration

    Published: 2014-08-14