Juniper Networks® Field Guide and Reference

Configuring Security Associations

To configure an SA for IPSec, include the security-association statement, specifying a security association name:

[edit security ipsec] 
security-association name;

IPSec runs in two modes: transport and tunnel. By default, tunnel mode is enabled. Tunnel mode protects connections between security gateways. Tunnel mode requires the ES PIC. To configure transport mode, include the mode statement, specifying the transport option. In transport mode, the JUNOS software does not support AH and encapsulating security payload (ESP) header bundles.

[edit security ipsec security-association name] 
mode transport;

To set the replay window size to protect the receiver against replay attacks by rejecting old or duplicate ...

Get Juniper Networks® Field Guide and Reference now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Juniper Networks® Field Guide and Reference by Aviva Garrett, Gary Drenan, Cris Morris, Juniper Networks®

Configuring Security Associations

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly