Is it mandatory to allow ike ( security zone untrust int ge-0/0/1 host-inbound-traffic system-services ike)
, I am trying configure Cluster with two new SRX 240H2, the old/current SRX 240h does not have configuration for the Ike on the interface , but still we have ipsec tunnel established , So I want to double check whether it is needed or if it is needed how is the present configuration working
** The present configuration does not have Ike on the interface g 0/0/3 (Untrust-connecting to ISP) ,neither their is a configuration for security zone security zone untrust host-inbound-traffic system-services ike