Table of Contents
Advertisement
JUNOSe 11.1.x IP Services Configuration Guide
Configuring IPSec Tunnel Profiles
This sections explains how to configure the parameters that exist in the IPSec tunnel
profile configuration mode.
Limiting Interface Instantiations on Each Profile
To define the maximum number of interfaces that the IPSec tunnel profile can
instantiate, use the max-interfaces command. Once the profile reaches the maximum
number of interfaces, the profile rejects any new interface instantiations and generates
a warning-level log. The default value (using the no version of the command) specifies
unlimited interface instantiation on a given profile.
max-interfaces
Specifying IKE Settings
This section describes how to define the IKE local identity and IKE peer identity
values.
Setting the IKE Local Identity
To set the IKE local identity (phase 1 identity) used for IKE security association
negotiations, use the ike local-identity command.
NOTE: The authentication algorithm for an IKE SA is associated with its identity. You
must ensure that the client and server are set accordingly to successfully establish
IKE security associations.
ike local-identity
182
Configuring IPSec Tunnel Profiles
host1(config-ipsec-tunnel-profile)#
Use the no version to delete the tunnel profile.
See ipsec tunnel profile.
Use to define the maximum number of interfaces that the IPSec tunnel profile
can instantiate.
Example
host1(config-ipsec-tunnel-profile)#max-interfaces 500
Use the no version to return the maximum value to unlimited, indicating no limit
to the number of interfaces that can be instantiated on this profile.
See max-interfaces.
Advertisement
Table of Contents
Need help?
Do you have a question about the IP SERVICES - CONFIGURATION GUIDE V 11.1.X and is the answer not in the manual?