Configuring an IPsec Policy—J-Web Quick Configuration (Standard VPNs)

Before You Begin
For background information, read "Internet Protocol Security (IPsec)" chapter in the JUNOS Software Security Configuration Guide.

Table 162: IPsec Policy Configuration Options

Field	Function	Action
IPsec Policy
Name	Name of the IPsec policy.	Enter a name.
Description	Description of the policy.	Enter a text description.
Perfect Forward Secrecy	The method the device uses to generate the encryption key. PFS generates each new encryption key independently from the previous key. group1—Diffie-Hellman Group 1. group2—Diffie-Hellman Group 2. group5—Diffie-Hellman Group 5.	Select a method.
Proposal
Predefined	A set of default Internet Key Exchange (IKE) proposals. basic—Basic set of two IKE proposals: Proposal 1—Preshared key, Data Encryption Standard (DES) encryption, and Diffie-Hellman Group 1 and Secure Hash Algorithm 1 (SHA-1) authentication Proposal 2—Preshared key, DES encryption, and Diffie-Hellman Group 1 and MD5 authentication compatible—Set of four commonly used IKE proposals: Proposal 1—Preshared key, triple DES (3DES) encryption, and G2 and SHA-1 authentication Proposal 2—Preshared key, 3DES, and Diffie-Hellman Group 2 and MD5 authentication Proposal 3—Preshared key, DES encryption, and Diffie-Hellman Group 2 and SHA-1 authentication Proposal 4—Preshared key, DES encryption, and Diffie-Hellman Group 2 and MD5 authentication standard—Standard set of two IKE proposals: Proposal 1— Preshared key, 3DES encryption, and Diffie-Hellman Group 2 and SHA-1 authentication Proposal 2—Preshared key, Advanced Encryption Standard (AES) 128-bit encryption, and Diffie-Hellman Group 2 and SHA-1 authentication	Click Predefined, and select one of the following options: basic predefined standard
User Defined	A list of proposals you previously defined.	Click User Defined and select proposals from the Available list, then click right arrow button to move them to the Selected list.