Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

policy (Security Group VPN IKE)

Syntax

Hierarchy Level

Description

Configure an IKE policy. An IKE policy defines a combination of security parameters (IKE proposals) to be used during IKE negotiation. It defines a peer address, the preshared key for the given peer, and the proposals needed for that connection. During the IKE negotiation, IKE looks for an IKE policy that is the same on both peers. The peer that initiates the negotiation sends all its policies to the remote peer, and the remote peer tries to find a match.

Options

policy policy-name

Name of the IKE policy. The policy name can be up to 32 alphanumeric characters long.

description description

Specify descriptive text for an IKE policy.

mode

Define the mode used for Internet Key Exchange (IKE) Phase 1 negotiations.

pre-shared-key

Define a preshared key for an IKE policy.

proposals proposal-name

Specify up to four Phase 1 proposals for an IKE policy. If you include multiple proposals, use the same Diffie-Hellman group in all of the proposals.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 10.2.