[j-nsp] IP sec allowed "proxy list / access-list" in JunOS
Andrew Ramsey
akramsey at juniper.net
Mon Mar 15 06:25:56 EST 2004
Hi,
Are you using the ES PIC or the ASP? The configuration is different for
each.
For ES PIC:
http://www.juniper.net/techpubs/software/junos/junos62/swconfig62-servic
es/html/encryption-config7.html
For ASP: The documentation for configuring this on the ASP is not so
good :-( . Maybe an example would help, so I'll see what I can do.
What you're looking for is the configuration for an IPSec rule:
http://www.juniper.net/techpubs/software/junos/junos62/swconfig62-servic
es/html/ipsec-config43.html
Andy
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
> Bosco Sachanandani
> Sent: Sunday, March 14, 2004 11:00 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] IP sec allowed "proxy list / access-list" in JunOS
>
>
> hi,
>
> I have setup an IPSec 3DES tunnel from an M20 to a
> Netscreen500 which is working without any problems.
>
> However, the current setup allows ANY to ANY traffic to pass
> through the IPSec tunnel.
>
> The netscreen has a "proxy-id" configuration where the
> prefixes that are allowed to pass through the IPSec tunnel
> can be specified.
>
> Can someone direct me to a link where I can find the
> procedure to do the same on the M20? I searched the Juniper
> website but could not find anything for the M series routers.
>
> Thank you
>
> regards,
> Bosco
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/junipe> r-nsp
>
More information about the juniper-nsp
mailing list