■
Use to specify the IPSec lifetime parameters used on IPSec SA lifetime
negotiations.
■
Example
host1(config-ipsec-tunnel-profile)#
lifetime seconds 5000 25000
■
Use the
no
version to return the lifetime to its default value, 28800 seconds (8
hours) and no traffic volume limit.
■
See lifetime.
Defining User Reauthentication Protocol Values
The
extended-authentication
command specifies the extended user authentication
protocol for use during the extended user authentication protocol exchange.
The
re-authenticate
keyword enables the reauthentication option (a subsequent
authentication procedure). When this option is enabled, rekeying of IKE SAs uses
the initial authentication protocol to reauthenticate the user. When this option is
disabled, authentication is only performed at the first IKE SA establishment.
Subsequent IKE SAs rekey operations inherit the initial authentication and do not
reauthenticate users.
NOTE:
For maximum security, enable reauthentication.
The
skip-peer-config
keyword disables the router from configuring peer IP
characteristics.
extended-authentication
■
Use to specify the extended user authentication protocol for use during the
extended user authentication protocol exchange. This command can also enable
or disable the reauthentication option (a subsequent authentication procedure).
■
The
re-authenticate
keyword enables the reauthentication option (a subsequent
authentication procedure).
■
The
skip-peer-config
keyword disables the router from configuring peer IP
characteristics.
■
Example
host1(config-ipsec-tunnel-profile)#
extended-authentication chap
■
Use the
no
version to reset the extended authentication to the default protocol,
pap.
■
See extended-authentication.
Configuring IPSec Tunnel Profiles
■
187
Chapter 6: Configuring Dynamic IPSec Subscribers
Summary of Contents for IP SERVICES - CONFIGURATION GUIDE V 11.1.X
Page 6: ...vi...
Page 8: ...viii JUNOSe 11 1 x IP Services Configuration Guide...
Page 18: ...xviii Table of Contents JUNOSe 11 1 x IP Services Configuration Guide...
Page 20: ...xx List of Figures JUNOSe 11 1 x IP Services Configuration Guide...
Page 22: ...xxii List of Tables JUNOSe 11 1 x IP Services Configuration Guide...
Page 28: ...2 Chapters JUNOSe 11 1 x IP Services Configuration Guide...
Page 138: ...112 Monitoring J Flow Statistics JUNOSe 11 1 x IP Services Configuration Guide...
Page 286: ...260 Monitoring IP Tunnels JUNOSe 11 1 x IP Services Configuration Guide...
Page 312: ...286 Monitoring IP Reassembly JUNOSe 11 1 x IP Services Configuration Guide...
Page 357: ...Part 2 Index Index on page 333 Index 331...
Page 358: ...332 Index JUNOSe 11 1 x IP Services Configuration Guide...