•
Use to define a default local endpoint for ISAKMP/IKE negotiations and all IPSec
tunnels for a transport virtual router.
•
You must specify the IP address used as the local endpoint and the transport virtual
router on which the IP address is defined.
•
Example
host1(config)#
ipsec local-endpoint 10.10.1.1 transport-virtual-router VR#8
•
Use the
no
version to delete a local endpoint. You cannot remove an endpoint if a
tunnel is referencing the endpoint.
•
See ipsec local-endpoint.
ipsec transform-set
•
Use to create a transform set. Each transform in a set provides a different combination
of data authentication and confidentiality.
•
Transform sets used for manually configured tunnels can have one transform.
•
Transform sets used for signaled tunnels can have up to six transforms. The actual
transform used on the tunnel is negotiated with the peer. Transforms are numbered
in a priority sequence in the order in which you enter them.
•
To display the names of the transforms that you can use in a transform set, issue the
ipsec transform-set transformSetName ?
command.
•
Example
host1(config)#
ipsec transform-set espSet esp-3des-hmac-md5 esp-3des-null-auth
•
Use the
no
version to delete a transform set. You cannot remove a transform set if a
tunnel is referencing the transform set.
•
See ipsec transform-set.
key
•
Use to enter a manual preshared key.
•
Preshared keys can have up to 256 ASCII alphanumeric characters. To include spaces
in the key, enclose the key in quotation marks.
•
Example 1
host1(config-manual-key)#
key dj5fe23owi8er49fdsa
•
Example 2
host1(config-manual-key)#
key “ my key with spaces”
•
There is no
no
version. To delete a key, use the
no
version of the
ipsec key manual
command.
•
See key.
masked-key
141
Copyright © 2010, Juniper Networks, Inc.
Chapter 5: Configuring IPSec
Summary of Contents for JUNOSE 11.2.X IP SERVICES
Page 6: ...Copyright 2010 Juniper Networks Inc vi...
Page 8: ...Copyright 2010 Juniper Networks Inc viii JunosE 11 2 x IP Services Configuration Guide...
Page 18: ...Copyright 2010 Juniper Networks Inc xviii JunosE 11 2 x IP Services Configuration Guide...
Page 22: ...Copyright 2010 Juniper Networks Inc xxii JunosE 11 2 x IP Services Configuration Guide...
Page 28: ...Copyright 2010 Juniper Networks Inc 2 JunosE 11 2 x IP Services Configuration Guide...
Page 116: ...Copyright 2010 Juniper Networks Inc 90 JunosE 11 2 x IP Services Configuration Guide...
Page 144: ...Copyright 2010 Juniper Networks Inc 118 JunosE 11 2 x IP Services Configuration Guide...
Page 230: ...Copyright 2010 Juniper Networks Inc 204 JunosE 11 2 x IP Services Configuration Guide...
Page 262: ...Copyright 2010 Juniper Networks Inc 236 JunosE 11 2 x IP Services Configuration Guide...
Page 294: ...Copyright 2010 Juniper Networks Inc 268 JunosE 11 2 x IP Services Configuration Guide...
Page 328: ...Copyright 2010 Juniper Networks Inc 302 JunosE 11 2 x IP Services Configuration Guide...
Page 345: ...PART 2 Index Index on page 321 319 Copyright 2010 Juniper Networks Inc...
Page 346: ...Copyright 2010 Juniper Networks Inc 320 JunosE 11 2 x IP Services Configuration Guide...
Page 356: ...Copyright 2010 Juniper Networks Inc 330 JunosE 11 2 x IP Services Configuration Guide...