CertExams.com Simulator Lab Exercises Answers

Configuring IPSEC Phase 2 proposals

Description: Lab exercise explains the configuration of IPSEC Phase2 proposals

To establish an AutoKey IKE IPsec tunnel, two phases of negotiation are required:

In Phase 1, the participants establish a secure channel in which to negotiate the IPSEC Security Associations (SAs).

In Phase 2, the participants negotiate the IPSEC SAs for encrypting and authenticating the ensuing exchanges of user data.

Command Syntax:

[edit security ipsec]
proposal <proposal-name>{
protocol [ah | esp];
authentication-algorithm [hmac-md5-96 | hmac-sha1-96];
encryption-algorithm [3des-cbc | aes-128-cbc | aes-192-cbc | aes-256-cbc | des-cbc];
lifetime-kilobytes <kilobytes>;
lifetime-seconds <seconds>;

Network Diagram:

lab image


1. Create an IPsec Phase 2 proposal.

2. Specify the IPsec Phase 2 proposal protocol.

3. Specify the IPsec Phase 2 proposal authentication algorithm.

4. Specify the IPsec Phase 2 proposal encryption algorithm

Please refer to the CertExams.com Juniper Network Simulator software for complete lab.

CertExams Blog!  Certexams.com Facebook Page Certexams.com Twitter Page Certexams on YouTube