To define an IKE configuration for an ES PIC, include at least the following statements at the [edit security] hierarchy level:
- [edit security ike]
-
proposal ike-proposal-name {
-
authentication-method (dsa-signatures | pre-shared-keys
| rsa-signatures);
-
dh-group (group1 | group2);
-
encryption-algorithm (3des-cbd | des-cbc |
ase-128-cbc | ase-192-cbc | ase-256-cbc);
- }
-
policy ike-peer-address {
-
proposals [ ike-proposal-names ];
-
pre-shared-key (ascii-text key | hexadecimal key);
- }
 |
Note: You configure an IKE policy for AS and MultiServices PICs at the [edit services ipsec-vpn ike] hierarchy level. For more information, see the “IPSec” chapter of the JUNOS Feature Guide and the “IPSec Services Configuration Guidelines” chapter of the JUNOS Services Interfaces Configuration Guide. |
 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |