JunosE 11.3.x Command Reference Guide A to M
ike crl
Syntax
Release Information
Description
Options
Mode
696
ike crl { ignored | optional | required }
no ike crl
Command introduced before JunosE Release 7.1.0.
Controls how the router handles certificate revocation lists (CRLs) during negotiation of
IKE phase 1 signature authentication. The no version returns the CRL setting to the default,
optional.
NOTE: This command has been replaced by the ipsec crl command and may
be removed completely in a future release.
ignored—Allows negotiations to succeed even if a CRL is invalid or the peer's certificate
appears in the CRL; this is the most lenient setting
optional—If the router finds a valid CRL, it uses it; this is the default
required—Requires a valid CRL; either the certificates belonging to the E Series router
or the peer must not appear in the CRL; this is the strictest setting
Global Configuration
Copyright © 2010, Juniper Networks, Inc.