Add a Proposal
You are here: VPN > IPsec (Phase II).
To add a proposal:
- Click the add icon (+) on the upper right side
of the proposal tab of IKE (Phase II) page.
The Add Proposal page appears.
- Complete the configuration according to the guidelines provided in Table 1.
- Click OK to save the changes. If you want to discard your changes, click Cancel.
Table 1: Fields on the Add Proposal Page
Enter a name of the Phase II proposal.
Enter a text description for the Phase II proposal.
Select an option from the list for authenticating packet data:
Note: From Junos OS Release 19.1R1 till Junos OS Release 20.2R1, the new Authentication algorithm SRX5000 Series devices with SPC3 card upon installation of junos-ike package only. To install junos-ike package from J-Web, navigate to Configure > Security Services > IPsec VPN > Global Settings and click Install.
Select an option from the list of IKE encryption algorithm.
Enter a value from 64 through 1,048,576 bytes to specify the lifetime of an IPSec SA.
The SA is terminated when the specified number of kilobytes of traffic has passed.
Lifetime Seconds Protocol
Enter a value from 180 through 86,400 seconds to specify the lifetime of an IKE SA. When the SA expires, it is replaced by a new SA and SPI or is terminated.
Specifies the networking protocol name.
Select a protocol from the list:
Note: When this IPSec proposal is configured for Dynamic VPN, select esp for protocol.