Nick Unfortunately what you ask isn't possible on JUNOS. I tried to set this up a few years ago and the only thing you can do it encrypt all traffic between your two ipsec routers. So any OP traffic would be shutdown the ipsec tunnel. Not just selectively like you can with IOS for protocols such as gre. I opened a JTAC case for assistance and they were dumbfounded as to what I was trying to do.
Hope this answers your question. Chris On May 24, 2010 8:55 AM, "Nick Ryce" <nick.r...@lumison.net> wrote: Hi Guys, Is there a way to set up a gre tunnel and then encrypt gre packets with ipsec? I know it can be done on a cisco but the juniper kb makes my eyes bleed trying to find anything. I found the following config here http://communities.juniper.net/jnet/attachments/jnet/srx/509/1/gre-ipsec-srx240.txtbut dont think that would encrypt everything going down the tunnel....or would it. Im using 9.6 at the moment. Any help appreciated -- Nick Ryce Network Engineer Lumison 08451199999 P.S. do you love Lumison? Why not take a moment and vote for us? http://bit.ly/Vote_Lumison -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender. Any offers or quotation of service are subject to formal specification. Errors and omissions excepted. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Lumison. Finally, the recipient should check this email and any attachments for the presence of viruses. Lumison accept no liability for any damage caused by any virus transmitted by this email. _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp