JunosE 11.3.x IP Services Configuration Guide
Creating an IPSec Tunnel
Use to enter the preshared key in masked form.
For security purposes, the router displays the key only in masked form. If you delete
the key or reboot the router to factory defaults, you can use this command to reenter
the key in its masked form so that the key is not visible while you enter it.
To see the masked key, use the show config command.
Example
host1#show config
ipsec key manual pre-share 10.10.1.1
masked-key " AAAAGAAAAAcAAAACfd+SAsaVQ6Qeopt2rJOP6LDg+0hX5cMO"
host1#configure terminal
host1(config)#ipsec key manual pre-share 10.10.1.1
host1(config-manual-key)#masked-key AAAAGAAAAAcAAAACfd+SAsaVQ6Qeopt2rJOP6LDg+0hX5cMO
There is no no version. To delete a key, use the no version of the ipsec key manual
command.
See masked-key.
To create an IPSec tunnel:
1. Enter virtual router mode. Specify the VR that contains the source and destination addresses assigned to the tunnel interface.
host1(config)#virtual-router vrA
host1:vrA(config)#
2. Create an IPSec tunnel, and specify the transport VR.
host1:vrA(config)#interface tunnel ipsec:Aottawa2boston transport-virtual-router default
host1:vrA(config-if)#
3. Specify the IP address of this tunnel interface.
host1:vrA(config-if)#ip address 10.3.0.0 255.255.0.0
4. Specify the transform set that ISAKMP uses for SA negotiations.
host1:vrA(config-if)#tunnel transform-set customerAprotection
5. Configure the local endpoint of the tunnel.
host1:vrA(config-if)#tunnel local-identity subnet 10.1.0.0 255.255.0.0
6. Configure the peer endpoint of the tunnel.
host1:vrA(config-if)#tunnel peer-identity subnet 10.3.0.0 255.255.0.0
7. Specify an existing interface address that the tunnel uses as its source address.
host1:vrA(config-if)#tunnel source 5.1.0.1
8. Specify the address or identity of the tunnel destination endpoint.
host1:vrA(config-if)#tunnel destination identity branch245.customer77.isp.net
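An added example, not part of the Juniper guide: a Python check that reads saved configuration text and reports any ipsec tunnel stanza that lacks a setting from steps 3 to 8, or whose identity subnet does not parse as an address and mask. The stanza boundaries, the sample text, and the tunnel name example-incomplete are assumptions constructed from the commands above, and the subnet check is a sanity heuristic rather than a documented JunosE rule.

```python
import ipaddress
import re

# Settings from steps 3-8 of the procedure above.
REQUIRED = ("ip address", "tunnel transform-set", "tunnel local-identity",
            "tunnel peer-identity", "tunnel source", "tunnel destination")

# Constructed input: the page's commands plus one incomplete, hypothetical tunnel.
SAMPLE = """\
virtual-router vrA
interface tunnel ipsec:Aottawa2boston transport-virtual-router default
ip address 10.3.0.0 255.255.0.0
tunnel transform-set customerAprotection
tunnel local-identity subnet 10.1.0.0 255.255.0.0
tunnel peer-identity subnet 10.3.0.0 255.255.0.0
tunnel source 5.1.0.1
tunnel destination identity branch245.customer77.isp.net
interface tunnel ipsec:example-incomplete transport-virtual-router default
tunnel local-identity subnet 10.1.0.5 255.255.0.0
tunnel source 5.1.0.1
"""

def parse_tunnels(text):
    """Map each ipsec tunnel name to the {setting: arguments} found in its stanza."""
    tunnels, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"^\S+#\s*", "", raw.strip())  # drop a prompt like host1:vrA(config-if)#
        if line.startswith("interface tunnel ipsec:"):
            current = tunnels.setdefault(line.split()[2][len("ipsec:"):], {})
        elif line.startswith(("interface ", "virtual-router ")) or line == "!":
            current = None  # assumed stanza boundaries
        elif current is not None:
            for key in REQUIRED:
                if line.startswith(key + " "):
                    current[key] = line[len(key):].strip()
    return tunnels

def audit(text):
    """Return (tunnel, finding) pairs: missing settings and malformed identity subnets."""
    findings = []
    for name, cfg in parse_tunnels(text).items():
        findings += [(name, f"missing '{k}'") for k in REQUIRED if k not in cfg]
        for key in ("tunnel local-identity", "tunnel peer-identity"):
            parts = cfg.get(key, "").split()
            if len(parts) == 3 and parts[0] == "subnet":
                try:  # strict parsing rejects bad masks and host bits set in the address
                    ipaddress.ip_network(f"{parts[1]}/{parts[2]}")
                except ValueError:
                    findings.append((name, f"invalid subnet in '{key}'"))
    return findings
```

Calling audit(SAMPLE) returns no findings for Aottawa2boston and five for the constructed incomplete tunnel.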
Copyright © 2010, Juniper Networks, Inc.