Junos – VPN Hierarchy
Wow! A Junos post! Amazing.
We all know that the configuration on a Junos box is very hierarchical. Sometimes it doesn’t make a lot of sense, but it’s all a pretty cascade of code. One of the big messes that I’ve found is the VPN configuration hierarchy; there are way more items to configure than on an IOS device. To reinforce the stpes in my head, I thought I’d get some of the pieces into a post. These aren’t all the options, but it’s all you need to get a static IPSec tunnel up and running.
That’ll do, pig. I’ll fire off a real configuration post later. Feel free to add your pair of pennies since I’m a total Junos n00b.
Send any stocking stuffers questions my way.
- Netbox Upgrade Play-by-play - April 25, 2023
- Sending Slack Messages with Python - March 15, 2023
- Using Python Logging to Figure Out What You Did Wrong - February 26, 2023
You really think this is worse than IOS? Especially when you display it like this, it makes total sense. You have 3 “sections” for each of ike and ipsec. It honestly couldn’t be more clear.
Also, why is bind-interface a complicated story?
Twenty-two different configuration items is a mess, though it’s present much more clearly than IOS for sure. The bind interface gets complicated when you have multiple combinations of remote and local proxy identities to the same gateway.