Configuring an IKE Policy—Dynamic VPNs

You can use J-Web to quickly configure an IKE policy.

Before You Begin

For background information, read:

  • "Dynamic Virtual Private Networks (VPNs)" chapter in the JUNOS Software Security Configuration Guide.

To configure an IKE policy :

  1. Select Configure>IPSec VPN>Dynamic VPN>IKE.
  2. Select the IKE Policy tab if it is not already selected.
  3. To modify an existing policy, click the appropriate link in the Name column to go to the policy’s configuration page. Or, select the policy from among those listed and click one of the following buttons:
    • To apply the configuration, click Apply.
    • To delete the configuration, click Delete.
  4. To configure a new IKE policy, click Add.
  5. Fill in the options as described in Table 87.
  6. Click one of the following buttons:
    • To apply the configuration, click OK.
    • To cancel the configuration, click Cancel.

Table 87: IKE Policy, Authentication, and Proposal Options

Field

Function

Action

IKE Policy

Name

Name to identify the policy.

Enter a name.

Description

Description of the policy.

Enter a brief description of the policy.

Mode

Specifies how participants should exchange encryption and authentication information during Phase 1 tunnel negotiations. The dynamic VPN feature only uses aggressive mode, which transfers the information between participants in two exchanges.

No action is required. The device displays this information for informational purposes only.

Pre-shared Key

Pre-shared key

Use one of the following preshared key types:

  • ASCII text
  • Hexadecimal

Click Pre shared key, click the type of key, and enter the key in the appropriate format.

Proposal

None

Do not use proposals

Click None.

User Defined

Use up to four Phase 1 proposals that you previously defined. If you include multiple Phase1 proposals in the IKE policy, use the same Diffie-Hellman group in all of the proposals.

Click User Defined, select a proposal (or proposals) from the pop-up menu, and click Add.

Predefined

Use one of the following types of predefined Phase 1 proposals:

  • Basic
  • Compatible
  • Standard

Click Predefined, and select a proposal type.