 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
See the following sections:
- direction (inbound | outbound | bidirectional) {
-
-
authentication {
- algorithm (hmac-md5-96 | hmac-sha1-96);
- key (ascii-text key | hexadecimal key);
- }
-
auxiliary-spi auxiliary-spi-value;
-
-
encryption {
- algorithm (des-cbc | 3des-cbc);
- key (ascii-text key | hexadecimal key);
- }
-
protocol (ah | esp | bundle);
-
spi spi-value;
- }
- [edit security ipsec security-association sa-name manual]
Statement introduced before JUNOS Release 7.4.
Define the direction of IPSec processing.
inbound—Inbound SA.
outbound—Outbound SA.
bidirectional—Bidirectional SA.
See Configuring the Processing Direction.
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
- direction (bidirectional | inbound | outbound) {
-
protocol esp;
-
spi spi-value;
-
-
encryption {
-
algorithm 3des-cbc;
-
key ascii-text ascii-text-string;
- }
- }
- [edit security ipsec internal security-association manual]
Establish a manual security association (SA) for internal Routing-Engine-to-Routing-Engine communication.
bidirectional—Apply the same SA values in both directions between Routing Engines.
inbound—Apply these SA properties only to the inbound IPSec tunnel.
outbound—Apply these SA properties only to the outbound IPSec tunnel.
The remaining statements are explained separately.
See Configuring Internal IPSec for JUNOS-FIPS.
Crypto Officer—To view and add this statement in the configuration.
Secure Configuration Guide for Common Criteria and JUNOS-FIPS
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |