Add a Proposal
You are here: VPN > IPsec (Phase II).
To add a proposal:
- Click the add icon (+) on the upper right side
of the proposal tab of IKE (Phase II) page.
The Add Proposal page appears.
- Complete the configuration according to the guidelines provided in Table 1.
- Click OK to save the changes. If you want to discard your changes, click Cancel.
Table 1: Fields on the Add Proposal Page
Field | Action |
---|---|
Name | Enter a name of the Phase II proposal. |
Description | Enter a text description for the Phase II proposal. |
Authentication Algorithm | Select an option from the list for authenticating packet data:
Note: From Junos OS Release 19.1R1 till Junos OS Release 20.2R1, the new Authentication algorithm SRX5000 Series devices with SPC3 card upon installation of junos-ike package only. To install junos-ike package from J-Web, navigate to Configure > Security Services > IPsec VPN > Global Settings and click Install. |
Encryption Algorithm | Select an option from the list of IKE encryption algorithm.
|
Lifetime Kilobytes | Enter a value from 64 through 1,048,576 bytes to specify the lifetime of an IPSec SA. The SA is terminated when the specified number of kilobytes of traffic has passed. |
Lifetime Seconds Protocol | Enter a value from 180 through 86,400 seconds to specify the lifetime of an IKE SA. When the SA expires, it is replaced by a new SA and SPI or is terminated. |
Protocol | Specifies the networking protocol name. Select a protocol from the list:
Note: When this IPSec proposal is configured for Dynamic VPN, select esp for protocol. |