Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Example: Configuring AutoKey IKE (CLI)
When configuring Phase 2 of an IPsec tunnel, you first configure proposals, then policies, and finally the AutoKey IKE. The following example-based instructions show how to configure the AutoKey IKE.
In Phase 2 AutoKey IKE configuration, you must create a VPN tunnel name, specify a gateway, and reference a Phase 2 policy. If you are using route mode, you must bind the tunnel to an interface. In this example, you create a VPN tunnel named vpn_1 and bind it to interface st0.0, and you specify ike_gateway_1 as the gateway for the VPN tunnel and reference the IPsec policy ipsec_pol_1.
To configure an AutoKey IKE using the CLI editor:
user@host# set security ipsec vpn vpn_1 bind-interface
st0.0user@host# set security ipsec vpn vpn_1 ike
gateway ike_gateway_1user@host# set security ipsec vpn vpn_1 ike
ipsec-policy ipsec_pol_1
Use the following command to display information about this IKE proposal:
user@host# show security ipsec vpn vpn_1
Related Topics
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- Understanding Phase 2 of IKE Tunnel Negotiation
- IPsec VPN Configuration Overview
