In a JUNOS-FIPS environment, routers with two Routing Engines must use IPSec for internal communication between the Routing Engines. You configure internal IPSec after you install JUNOS-FIPS. You must be a Crypto Officer to configure internal IPSec.
To configure internal IPSec, include the security-association statement at the [edit security] hierarchy level:
    [edit security]
    ipsec {
        internal {
            security-association {
                manual {
                    direction (bidirectional | inbound | outbound) {
                        protocol esp;
                        spi spi-value;
                        encryption {
                            algorithm 3des-cbc;
                            key ascii-text ascii-text-string;
                        }
                    }
                }
            }
        }
    }
This section describes the following tasks for configuring internal IPSec: