You need to use selective packet mode, not full packet mode to use ipsec. On Feb 16, 2014 12:36 PM, "Michel de Nostredame" <d.nos...@gmail.com> wrote:
> On Thu, Dec 19, 2013 at 6:43 AM, Eugeniu Patrascu <eu...@imacandi.net> > wrote: > > On Thu, Dec 19, 2013 at 4:25 PM, Tom Storey <t...@snnap.net> wrote: > > > >> FWIW the situation I am picturing would not require NAT or IPSEC or > >> other services like that, just packet shifting with ACLs, some routing > >> protocols (IS-IS/BGP), and something like VRRP for gateway redundancy. > >> > > You can still use IPSec. I'm not sure about NAT, but most probably you > will > > get it the old JUNOS way (no security zones). > > > > Could you share the full IPsec configuration when running J/SRX in > packet-mode? > Those documents I read from Juniper are describing IKE & IPSEC config > under [edit security], but system refuse to take them when running in > packet-mode. > > Thanks, > ~Michel~ > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp