passive-mode-tunneling

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 10.0.

Description

Allows tunneling of malformed packets. When this statement is enabled, traffic bypasses the usual active IP checks. The IPsec tunnel is not treated as a next hop and TTL is not decremented. If the packet size exceeds the tunnel MTU value, an ICMP error is not generated.

Usage Guidelines

See Configuring IPsec Service Sets.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.