Junos – VPN Hierarchy
Wow! A Junos post! Amazing.
We all know that the configuration on a Junos box is very hierarchical. Sometimes it doesn’t make a lot of sense, but it’s all a pretty cascade of code. One of the big messes that I’ve found is the VPN configuration hierarchy; there are way more items to configure than on an IOS device. To reinforce the stpes in my head, I thought I’d get some of the pieces into a post. These aren’t all the options, but it’s all you need to get a static IPSec tunnel up and running.
That’ll do, pig. I’ll fire off a real configuration post later. Feel free to add your pair of pennies since I’m a total Junos n00b.
Send any stocking stuffers questions my way.
- Generating Network Diagrams from Netbox with Pynetbox - August 23, 2023
- Out-of-band Management – Useful Beyond Catastrophe - July 13, 2023
- Overlay Management - July 12, 2023
You really think this is worse than IOS? Especially when you display it like this, it makes total sense. You have 3 “sections” for each of ike and ipsec. It honestly couldn’t be more clear.
Also, why is bind-interface a complicated story?
Twenty-two different configuration items is a mess, though it’s present much more clearly than IOS for sure. The bind interface gets complicated when you have multiple combinations of remote and local proxy identities to the same gateway.