Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP SERVICES CONFIGURATION GUIDE 2010-10-01 Configuration Manual page 248

JunosE 11.3.x IP Services Configuration Guide
ipsec ca identity
ipsec ike-policy-rule
ipsec isakmp-policy-rule
222
host1(config)#
Use the no ipsec ca identity command for the specified CA or boot the router using
the factory defaults to remove the router's public certificate that was generated during
the online configuration.
There is no no version.
See ipsec ca enroll.
Use to specify the CA that the ERX router uses for online certificate requests and to
enter IPSec Identity Configuration mode.
In IPSec Identity Configuration mode you specify information that the router uses in
certificate requests and during negotiations with its peers.
Example
host1(config)#ipsec ca identity trustedca1
host1(config-ipsec-identity)#
Use the no version to remove the identity configuration.
See ipsec ca identity.
Use to define an ISAKMP/IKE policy.
When you enter the command, you include a number that identifies the policy and
assigns a priority to the policy. You can number policies in the range 1–10000, with 1
having the highest priority.
Example
host1(config)#ipsec ike-policy-rule 3
host1(config-ike-policy)#
Use the no version to remove policies. If you do not include a priority number with the
no version, all policies are removed.
NOTE: This command replaces "ipsec isakmp-policy-rule" on page 217 ,
which may be removed completely in a future release.
See ipsec ike-policy-rule.
Use to define an ISAKMP/IKE policy.
When you enter the command, you include a number that identifies the policy and
assigns a priority to the policy. You can number policies in the range 1–10000, with 1
having the highest priority.
Example
Copyright © 2010, Juniper Networks, Inc.