 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
The protocol statement sets the protocol for a dynamic SA. IPSec uses two protocols to protect IP traffic: ESP and AH. The ESP protocol can support authentication, encryption, or both. The AH protocol is used for strong authentication. AH also authenticates the IP packet. The bundle option uses AH authentication and ESP encryption; it does not use ESP authentication because AH provides stronger authentication of IP packets.
To configure the protocol for a dynamic SA, include the protocol statement and specify the ah, esp, or bundle option at the [edit services ipsec-vpn ipsec proposal proposal-name] hierarchy level:
-
protocol (ah | esp | bundle);
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |