[j-nsp] Configuring ipsec with an Adaptive Services PIC
John Holmes
jwholmes at earthlink.net
Wed May 25 12:46:43 EDT 2005
Alexander Arsenyev (GU/ETL) wrote:
>Hello,
>
>Could You show us the the configuration for the filter "ipsec-tunnel" appied to sp-1/2/0.0 ?
>AFAIK, it's this filter that matters in IKE phase 2 when ID payloads are exchanged.
>Also, what is the remote IKE peer, is it Juniper/Cisco router/Cisco PIX/something else?
>If it is a Cisco router You could enable "debug crypto isa" and "debug crypto ipsec" to
>see how IKE phases negotiate.
>HTH,
>Cheers
>Alex
>
>
>
>
>
It is exactly like the example and I put it in just for the counter. It
should not be causing a problem but I could take it out.
firewall {
|*filter ipsec-tunnel {*|
term 1 {
then {
count ipsec-tunnel;
accept;
}
}
}
}
More information about the juniper-nsp
mailing list