ipsec (Group VPN Member)

Syntax

ipsec vpn name {group id;group-vpn-external-interface interface;heartbeat-threshold number;ike-gateway name;}

Hierarchy Level

[edit security group-vpn member]

Release Information

Statement introduced in Release 10.2 of Junos OS.

Description

Configure IPsec for group VPN member.

Options

name—Name of the VPN.

group—(Required) Group identification for the VPN. Specify a value from 1 to 65,535.

group-vpn-external-interface—(Required) Interface that connects the member device to the MPLS network.

heartbeat-threshold—The group member reregisters with the server if this number of server heartbeats is missed on the member. Specify a number from 0 to 10. The default is 3. A value of 0 disables server heartbeat detection on the member.

ike-gateway—(Required) Associate the group member to an IKE gateway for Phase 2 SA negotiation. The gateway name should be the configured IKE gateway for the group server. (The IKE gateway should be set to the group server’s IP address for its loopback interface.)

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.