[j-nsp] Dynamic Endpoints w/ IPSec

Stefan Fouant sfouant at gmail.com
Tue Jul 8 12:21:29 EDT 2008


What version of code are you running?

I am currently running JUNOS 8.2R4.5 in my network and I am using the
same local-gateway in multiple service-sets:

service-set a-b{
    next-hop-service {
        inside-service-interface sp-2/2/0.5;
        outside-service-interface sp-2/2/0.6;
    }
    ipsec-vpn-options {
        local-gateway x.x.x.22;
    }
    ipsec-vpn-rules a-b;
}
service-set a-c {
    next-hop-service {
        inside-service-interface sp-2/2/0.7;
        outside-service-interface sp-2/2/0.8;
    }
    ipsec-vpn-options {
        local-gateway x.x.x.22;
    }
    ipsec-vpn-rules a-c;
}
service-set a-d {
    next-hop-service {
        inside-service-interface sp-2/2/0.9;
        outside-service-interface sp-2/2/0.10;
    }
    ipsec-vpn-options {
        local-gateway x.x.x.22;
    }
    ipsec-vpn-rules a-d;
}

Doesn't seem to be a problem for me.

-- 
Stefan Fouant
Principal Network Engineer
NeuStar, Inc. - http://www.neustar.biz
GPG Key ID: 0xB5E3803D

On Tue, Jul 8, 2008 at 10:16 AM, Derick Winkworth <dwinkworth at wi.rr.com> wrote:
> Does anyone know if there are any plans to remove the restriction where you
> can not use the same local gateway in multiple service-sets?
> It would be so great if this were true...
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list