 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
See the following sections:
-
security-association sa-name {
-
-
dynamic {
- ipsec-policy policy-name;
- replay-window-size (32 | 64);
- }
-
-
manual {
-
-
direction (JUNOS Software) (inbound | outbound |
bi-directional) {
-
-
authentication {
- algorithm (hmac-md5-96 | hmac-sha1-96);
- key (ascii-text key | hexadecimal key);
- }
- auxiliary-spi auxiliary-spi-value;
-
-
encryption {
- algorithm (des-cbc | 3des-cbc);
- key (ascii-text key | hexadecimal key);
- }
-
protocol ( ah | esp | bundle);
-
spi spi-value;
- }
-
mode (tunnel | transport);
- }
- }
- [edit security ipsec]
Statement introduced before JUNOS Release 7.4.
Configure an IPSec security association.
name—Name of the security association.
The remaining statements are explained separately.
See Configuring Security Associations.
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
- security-association {
-
-
manual {
-
-
direction (bidirectional | inbound
| outbound) {
-
protocol esp;
-
spi spi-value;
-
-
encryption {
-
algorithm 3des-cbc;
-
key ascii-text ascii-text-string;
- }
- }
- }
- }
- [edit security ipsec internal]
Statement introduced before JUNOS Release 7.4.
Define a security association (SA) for internal Routing-Engine-to-Routing-Engine communication.
The remaining statements are explained separately.
See Configuring Internal IPSec for JUNOS-FIPS.
Crypto Officer—To view and add this statement in the configuration.
Secure Configuration Guide for Common Criteria and JUNOS-FIPS
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |