 |
Note: Only one interface identifier can be specified at a time. You can include the ipsec-interface-id statement or the l2tp-interface-id statement, but not both. |
You can configure an interface identifier for a group of dynamic peers, which specifies which adaptive services logical interface(s) take part in the dynamic IPSec negotiation. By assigning the same interface identifier to multiple logical interfaces, you can create a pool of interfaces for this purpose. To configure an interface identifier, include the ipsec-interface-id statement at the [edit interfaces interface-name] hierarchy level:
- unit logical-unit-number {
-
- dial-options {
- ipsec-interface-id identifier;
- (shared | dedicated);
- }
- }
Specifying the interface identifier in the dial-options statement makes this logical interface part of the pool identified by the ipsec-interface-id statement.
|
Note: Only one interface identifier can be specified at a time. You can include the ipsec-interface-id statement or the l2tp-interface-id statement, but not both. |
If you configure shared mode, it enables one logical interface to be shared across multiple tunnels. The dedicated statement specifies that the logical interface is used in a dedicated mode, which is necessary when you are configuring an IPSec link-type tunnel. You must include the dedicated statement when you specify an ipsec-interface-id value.
 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |