Table of Contents
Advertisement
ISG 2000 User's Guide
CLI Commands – Example Route-Based VPN Configuration
20
Summary of CLI Commands
ISG 2000 Commands
set interface tunnel.1 zone untrust
set interface tunnel.1 ip unnumbered interface
ethernet2/1
set address trust local 10.1.1.0/24
set address untrust peer1 10.2.2.0/24
set ike gateway peer1 dynamic peer1@jnpr.net
aggressive outgoing-interface ethernet2/1 preshare
Iwb715iSF proposal pre-g2-3des-sha
set vpn vpn1 gateway peer1 tunnel sec-level compatible
set vpn vpn1 bind interface tunnel.1
set vpn vpn1 proxy-id local-ip 0.0.0.0/0 remote-ip
0.0.0.0/0 any
set vrouter trust-vr route 10.2.2.0/24 interface tunnel.1
set vrouter trust-vr route 10.2.2.0/24 interface null
metric 10
set policy id 8 top from untrust to trust peer1 local any
permit
set policy id 9 top from trust to untrust local peer1 any
permit
save
Remote Peer Commands
set interface tunnel.1 zone untrust
set interface tunnel.1 ip unnumbered interface untrust
set address trust local 10.2.2.0/24
set address untrust peer1 10.1.1.0/24
set ike gateway gw1 address 1.1.1.1 aggressive local-id
peer1@jnpr.net outgoing-interface untrust preshare
Iwb715iSF proposal pre-g2-3des-sha
set vpn vpn1 gateway gw1 tunnel sec-level compatible
set vpn vpn1 bind interface tunnel.1
set vpn vpn1 proxy-id local-ip 0.0.0.0/0 remote-ip
0.0.0.0/0 any
set vrouter trust-vr route 0.0.0.0/0 interface untrust
set vrouter trust-vr route 10.2.2.0/24 interface tunnel.1
set vrouter trust-vr route 10.2.2.0/24 interface null
metric 10
set policy id 1 top from untrust to trust peer1 local any
permit
set policy id 2 top from trust to untrust local peer1 any
permit
save
Description
"ISG 2000" on page 17
Description
"Remote Peer" on page 18
Advertisement
Table of Contents
