[j-nsp] ES PIC required for BGP-over-IPSEC?
Daniel Roesen
dr at cluenet.de
Fri Apr 16 14:41:08 EDT 2004
On Fri, Apr 16, 2004 at 11:34:03AM -0700, harry wrote:
> The ES PIC is not needed to secure RE based BGP sessions.
OK, fine.
> This is done at the protocols bgp hierarchy:
>
>
> [edit protocols bgp]
> lab at Sydney# set ipsec-sa ?
> Possible completions:
> <ipsec-sa> IPSec SA name
Sure, this is set for the peer. I didn't quote it as I thought this
would be obvious. :-)
dr at A> show configuration protocols bgp group ibgp-mesh neighbor
192.168.0.5
ipsec-sa ibgp;
dr at E> show configuration protocols bgp group ibgp-mesh neighbor
192.168.0.1
ipsec-sa ibgp;
Any clues on why I'm getting the same error on both neighbors?
I don't see a typo. Am I missing any additional configuration
necessary?
Best regards,
Daniel
More information about the juniper-nsp
mailing list