Configuring an IPsec Policy—Quick Configuration (Dynamic VPNs)

You can use J-Web Quick Configuration to quickly configure an IPsec policy.

Before You Begin
For background information, read: "Dynamic Virtual Private Networks (VPNs)" chapter in the JUNOS Software Security Configuration Guide.

Before You Begin

For background information, read:

"Dynamic Virtual Private Networks (VPNs)" chapter in the JUNOS Software Security Configuration Guide.

Figure 36 shows the Quick Configuration page where you can select an existing policy, or click Add to create a new one.

Figure 36: IPsec Policy Quick Configuration Page – Adding a Policy

IPsec Policy
Quick Configuration Page – Adding a Policy

Figure 37 shows the Quick Configuration page where you create a new IPsec policy.

Figure 37: IPsec Policy Quick Configuration Page – Configuring a Policy

IPsec Policy Quick
Configuration Page – Configuring a Policy

To configure an IPsec policy with Quick Configuration:

Select Configure>IPSec VPN>Dynamic VPN>IPsec Policy.

Select the IPsec Policy tab if it is not selected.

To modify an existing policy, click the appropriate link in the Name column to go to the policy’s configuration page. Or, select the policy from among those listed and click one of the following buttons:

To apply the configuration, click Apply.
To delete the configuration, click Delete.

To configure a new IPsec policy, click Add.

Fill in the options as described in Table 170.

Click one of the following buttons:

To apply the configuration, click OK.
To cancel the configuration and return to the main Configuration page, click Cancel.

Table 170: IPsec Policy Configuration Options

Field	Function	Action
IPsec Policy
Name	Name to identify the policy.	Enter a name.
Description	Description of the policy.	Enter a brief description of the policy.
Perfect Forward Secrecy	Method the device uses to generate the encryption key. Perfect Forward Secrecy generates each new encryption key independently from the previous key. group1—Diffie-Hellman Group 1. group2—Diffie-Hellman Group 2. group5—Diffie-Hellman Group 5.	Select a method.
Proposal
None	Do not use a proposal.	Click None.
User Defined	Use up to four Phase 2 proposals that you previously defined. If you include multiple Phase 2 proposals in the IPsec policy, use the same Diffie-Hellman group in all of the proposals.	Click User Defined, select a proposal (or proposals) from the pop-up menu, and click Add.

Report an Error