Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides
Register
FAQ
It is currently Wed Oct 04, 2023 8:58 pm

ROOT ‹ Network Security & Routing & Switching ‹ VPN / Dynamic VPN / Ipsec ‹ Site2Site Ipsec/Dialup/ike v2

Post a reply

Site2Site Ipsec/Dialup/ike v2

« Previous topic | Next topic »
Author Message
balzac123
Post  Post subject: Site2Site Ipsec/Dialup/ike v2  |  Posted: Wed Sep 16, 2015 9:07 am

Joined: Wed Sep 16, 2015 9:04 am
Posts: 1

Offline
 

Site2Site Ipsec/Dialup/ike v2

Hello
I have gotten a couple of requierments from the infrastructure architects at my job, for the site2site vpn to our small offices.

- Cert authentication
- Ike V2

There are some offices that have a dynamic ip, when i did some googling i found this two articels that seems to contradict eachother.

https://kb.juniper.net/InfoCenter/index ... login=true here they are using aggressive mode (so i guess it wont work in ike v2)
http://www.juniper.net/techpubs/en_US/j ... ec-site-... here it also says that i have to use aggresive mode vpn.



https://kb.juniper.net/InfoCenter/index ... id=KB24704 here they solve it in a different way (i guess this solution supports ike v2? )


So can i solve it with in this way?

gateway gw_svr {
ike-policy ike_pol_svr;
dynamic {
distinguished-name {
container CN=client-srx;
}
}


Like in the pki example.





Top
Display posts from previous:  Sort by  
 E-mail friendPrint view
Post a reply
Who is online
Users browsing this forum: No registered users and 0 guests
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
Jump to:  
cronNews News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


ROOT ‹ Network Security & Routing & Switching ‹ VPN / Dynamic VPN / Ipsec
Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO