Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    local ip address

    Syntax

    From L2TP Destination Profile Host Configuration mode:

    local ip address ipAddress

    no local ip address

    From IPsec Transport Profile Configuration mode:

    [ no ] local ip address transportIpAddress

    From IPsec Tunnel Profile Configuration mode:

    local ip address transportIpAddress { pre-share keyString
    | pre-share-masked maskedKeyString }

    no local ip address

    Release Information

    Command introduced before JunosE Release 7.1.0.
    IPsec Tunnel Profile Configuration mode added in JunosE Release 7.3.0.

    Description

    From L2TP Destination Profile Host Configuration mode, configures a local IP address for use with a remote host. The no version removes the local IP address from use with a remote host.

    From IPsec Transport Profile Configuration mode, specifies the local endpoint of the IPsec transport connection. It also enters Local IPsec Transport Profile Configuration mode. The no version deletes the local IP address.

    From IPsec Tunnel Profile Configuration mode, specifies the given local IP address as a server address. The router continues to monitor UDP port 500 for incoming user login requests (that is, IKE source address negotiations). When using global preshared keys, consider the following points:

    • Global preshared keys enable a group of users to share a single authentication key. Using a shared key for a group of users simplifies the administrative job of setting up keys. However, changing or removing a preshared key for one user (for security reasons) affects other users with the same key.
    • Specific keys for individual users take precedence over global keys assigned to the same user. In other words, if a user has both an assigned specific key and a global key that user must use the specific key or authentication fails.
    • Avoid specifying the same local endpoint and virtual router in the same profile. Local endpoint and virtual router values override each other. The last value set in the profile is the value used.

    The no version causes the router to stop monitoring UDP port 500 for user requests and removes any preshared key associations with the local IP address.

    Options

    • ipAddress—IP address used in packets sent to the LAC
    • transportIpAddress—Local endpoint for the IPsec transport connection
    • keyString—Key value in ASCII format
    • maskedKeyString—Key value in ascii format

    Mode

    IPsec Transport Profile Configuration, IPsec Tunnel Profile Configuration, L2TP Destination Profile Host Configuration

    Published: 2014-08-20