[Contents] [Prev] [Next] [Index] [Report an Error]

policy

See the following sections:

policy (IKE)

Syntax

policy ike-peer-address {
description policy-description;
encoding (binary | pem);
identity identity-name;
local-certificate certificate-filename;
local-key-pair private-public-key-file;
mode (aggressive | main);
pre-shared-key (ascii-text key | hexadecimal key);
proposals [ proposal-names ];
}

Hierarchy Level

[edit security ike]

Release Information

Statement introduced before JUNOS Release 7.4.

Description

Define an IKE policy.

Options

ike-peer-address—A tunnel address configured at the [edit interfaces es] hierarchy level.

The remaining statements are explained separately.

Usage Guidelines

See Configuring an IKE Policy for Preshared Keys and Configuring an IKE Policy for Digital Certificates (ES PIC).

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

policy (IPSec)

Syntax

policy ipsec-policy-name {
perfect-forward-secrecy {
keys (group1 | group2);
}
proposals [ proposal-names ];
}

Hierarchy Level

[edit security ipsec]

Release Information

Statement introduced before JUNOS Release 7.4.

Description

Define an IPSec policy.

Options

ipsec-policy-name—Specify an IPSec policy name.

The remaining statements are explained separately.

Usage Guidelines

See Configuring the IPSec Policy (ES PIC).

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.