peer ip identity
Use to override the peer identity (phase 2 identity) used for IPSec security
association negotiations. For IPSec negotiations to succeed, the local and peer
identities at one end of the tunnel must match the peer and local identities at
the other end (respectively).
Example
host1(config-ipsec-tunnel-profile)#peer ip identity address 10.227.1.2
Use the no version to restore the default value, the internal IP address allocated
for the subscriber.
See peer ip identity.

Specifying an IP Profile for IP Interface Instantiations
The ip profile command specifies the IP profile that is passed from the IPSec layer
to the IP layer upon request for upper layer instantiation.
ip profile
Use to specify the IP profile that the IPSec layer passes on to the IP layer upon
request for upper-layer instantiation.
Example
host1(config-ipsec-tunnel-profile)#ip profile ipProfile1
Use the no version to remove the association with this profile.
See ip profile.

Defining the Server IP Address
The local ip address command defines the specified local IP address as the server
address. The router monitors UDP port 500 for incoming login requests (that is, IKE
SA negotiations) from users.
NOTE: This address is typically made public to all users trying to connect to a VPN
on this router.
This command enables you to optionally set a global preshared key for the specified
server address. When using global preshared keys, keep the following in mind:
Global preshared keys enable a group of users to share a single authentication
key, simplifying the administrative job of setting up keys for multiple users.
Specific keys for individual users have higher priority than global keys. If both
individual and global keys are configured, a user who also has a specific key
must use that key or authentication fails.
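The preshared-key precedence rule and the phase 2 identity-matching rule described above, modelled as an added Python example (not JunosE code and not taken from the guide). The HMAC-over-nonce proof stands in for the IKE authentication exchange, and all user names, keys and addresses other than 10.227.1.2 are constructed.

```python
import hashlib
import hmac
from ipaddress import ip_network

def expected_key(user, specific_keys, global_key):
    """A specific key always wins; the global key applies only to users without one."""
    return specific_keys.get(user, global_key)

def proof(key, nonce):
    # Assumption: HMAC-SHA256 over a nonce stands in for the IKE authentication hash.
    return hmac.new(key, nonce, hashlib.sha256).digest()

def authenticate(user, peer_proof, nonce, specific_keys, global_key=None):
    key = expected_key(user, specific_keys, global_key)
    if key is None:  # neither a specific nor a global key is configured
        return False
    return hmac.compare_digest(proof(key, nonce), peer_proof)

def identities_mirror(end_a, end_b):
    """Phase 2 rule: local/peer at one end equal peer/local at the other end."""
    def norm(value):
        return ip_network(value, strict=False)
    return (norm(end_a["local"]) == norm(end_b["peer"])
            and norm(end_a["peer"]) == norm(end_b["local"]))

# Constructed sample data (not from the guide, apart from 10.227.1.2).
GLOBAL_KEY = b"constructed-group-key"
SPECIFIC_KEYS = {"alice": b"constructed-alice-key"}
NONCE = bytes(16)
ROUTER = {"local": "192.168.50.0/24", "peer": "10.227.1.2"}
CLIENT_OK = {"local": "10.227.1.2", "peer": "192.168.50.0/24"}
CLIENT_BAD = {"local": "10.227.1.3", "peer": "192.168.50.0/24"}

def demo():
    def try_login(user, key):
        return authenticate(user, proof(key, NONCE), NONCE, SPECIFIC_KEYS, GLOBAL_KEY)
    return {
        "bob with global key": try_login("bob", GLOBAL_KEY),
        "carol with global key": try_login("carol", GLOBAL_KEY),
        "alice with global key": try_login("alice", GLOBAL_KEY),
        "alice with specific key": try_login("alice", SPECIFIC_KEYS["alice"]),
        "mirrored identities accepted": identities_mirror(ROUTER, CLIENT_OK),
        "mismatched identities accepted": identities_mirror(ROUTER, CLIENT_BAD),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'pass' if ok else 'fail'}")
```

The bob and carol cases succeed with the same key, which shows that a global key establishes membership of the group rather than the identity of an individual user.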
Chapter 6: Configuring Dynamic IPSec Subscribers
Configuring IPSec Tunnel Profiles