These are next-hop ipsec sets. For example:
service-set ashburn2 {
ipsec-vpn-options {
local-gateway 10.11.12.13;
}
ipsec-vpn-rules ashburn2;
next-hop-service {
inside-service-interface sp-0/0/0.13;
outside-service-interface sp-0/0/0.12;
}
}
local-gateway has been changed to protect the innocent...
--
matt
Stefan Fouant wrote:
On Wed, Jan 28, 2009 at 1:17 PM, Matt Stevens <m...@elevate.org
<mailto:m...@elevate.org>> wrote:
Well, the fact that I'm terminating the tunnel helps. :-)
Basically, I want to apply an output filter on the tunnel interface
to filter packets leaving the tunnel towards a local subnet.
--
matt
What type of service set are you using?
--
Stefan
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
