 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
The protocol statement sets the protocol for a dynamic SA. The ESP protocol can support authentication, encryption, or both. The AH protocol is used for strong authentication. AH also authenticates the IP packet. The bundle option uses AH authentication and ESP encryption; it does not use ESP authentication because AH provides stronger authentication of IP packets.
To configure the protocol for a dynamic SA, include the protocol statement at the [edit security ipsec proposal ipsec-proposal-name] hierarchy level:
- [edit security ipsec proposal ipsec-proposal-name ] protocol (ah | esp | bundle);
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |