Description: Lab exercise explains configuration ike phase1 policy for a VPN tunnel
The IKE policy will specify main mode which is most commonly used for site-to-site VPNs in which both peers have static IP addresses. Aggressive mode is typically used when one peer is a dynamic eer. For both peers, the mode must match. In the IKE policy, the phase 1 proposal is defined as well as the preshared-key.
[edit security ike]
mode [main | aggressive];
(proposals proposal-name) | (proposal-set [basic | compatible | standard]);
pre-shared-key [ascii-text | hexadecimal];
1. Create a IKE Phase1 policy
2. Set the IKE Phase 1 policy mode.
3. Specify a reference to the IKE proposal.
4. Define the IKE Phase 1 policy authentication method.
refer to the CertExams.com Juniper
Network Simulator software
for complete lab.