ike (Group VPN Server)

Syntax

ike {gateway name {address ( ip-address | hostname );dynamic {distinguished-name {container string; wildcard string;}hostname name;inet ip-address;user-at-hostname email-address;}ike-policy name;local-identity {distinguished-name;hostname name;inet ip-address;user-at-hostname emailaddress;}}policy name {certificate {local-certificate identifier;peer-certificate-type [pkcs7 | x509-signature);trusted-ca (ca-index | use-all);}description text;mode (aggressive | main); pre-shared-key (ascii-text text | hexadecimal hex);proposal-set (basic | compatible | standard);proposals name;}proposal name {authentication-algorithm (md5 | sha-256 | sha1);authentication-method (pre-shared-keys | rsa-signatures);description text;dh-group (group1 | group2 | group5);encryption-algorithm (3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc);lifetime-seconds seconds;}}

Hierarchy Level

[edit security group-vpn server]

Release Information

Statement introduced in Release 10.2 of Junos OS.

Description

Configure Phase 1 security association (SA) with a member on the group server. The gateway is the group member.

Options

The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.