[Contents] [Prev] [Next] [Index] [Report an Error]

respond-bad-spi

Syntax

respond-bad-spi number ;

Hierarchy Level

[edit security ike]

Release Information

Statement introduced in Release 8.5 of JUNOS software.

Description

Enable response to invalid IPsec Security Parameter Index (SPI) values. If the security associations (SAs) between two peers of an IPsec VPN become unsynchronized, the device resets the state of a peer so that the two peers are synchronized.

This statement is supported on J-series and SRX-series devices.

Options

number —Number of times to respond to invalid SPI values per gateway.

Range: 1 through 30
Default: 5

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.