JUNOSe 11.1.x Command Reference Guide A to M
ike crl
ike crl { ignored | optional | required }
Syntax
no ike crl
Command introduced before JUNOSe Release 7.1.0.
Release Information
Controls how the router handles certificate revocation lists (CRLs) during negotiation
Description
of IKE phase 1 signature authentication. The no version returns the CRL setting to
the default, optional.
NOTE: This command has been replaced by the ipsec crl command and may be
removed completely in a future release.
Options
Global Configuration
Mode
702
ike crl
ignored Allows negotiations to succeed even if a CRL is invalid or the peer's
certificate appears in the CRL; this is the most lenient setting
optional If the router finds a valid CRL, it uses it; this is the default
required Requires a valid CRL; either the certificates belonging to the E Series
router or the peer must not appear in the CRL; this is the strictest setting