Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Understanding VPN Group Configuration
The VPN group is configured on the server with the group configuration statement at the [edit security group-vpn server] hierarchy.
The group information consists of the following information:
- Group identifier—A value between 1 and 65,535 that identifies the VPN group. The same group identifier must be configured on the group member for Autokey IKE.
- Group members, as configured with the ike-gateway configuration statement. There can be multiple instances of this configuration statement, one for each member of the group.
- IP address of the server (the loopback interface address is recommended).
- Group policies—Policies that are to be downloaded to members. Group policies describe the traffic to which the SA and keys apply. See Understanding Dynamic Policies.
- Server-member communication—Optional configuration that allows the server to send rekey messages to members. See Understanding Server-Member Communication .
- Antireplay—Optional configuration that detects packet interception and replay. See Understanding Antireplay.
Related Topics
- Junos OS Feature Support Reference for SRX Series and J Series Devices
- Group VPN Overview
- Understanding the GDOI Protocol
- Understanding Group Servers and Members
- Group VPN Configuration Overview
