Re: SRX ipsec VPN from virtual-router routing-instance

Lars-M-Nielsen · ‎10-12-2009

Junos 11.1 makes it possible to terminate an IKE session in a routing-instance

Lars M. Nielsen
System Engineer
Extreme Networks ENS certified/Instructor
Juniper JNCIE-M certified/Instructor
DK-3450 Allerød

husni1984 · ‎06-10-2009

Could you give us the referrence literature?

WL · ‎07-26-2008

The following KB has it: http://kb.juniper.net/InfoCenter/index?page=content&id=KB21487

****pls click the button " Accept as Solution" if my post helped to solve your problem****

estelle.sonnic@eric… · ‎03-26-2013

Hi !

I'm interested by this topic, as I need to establish IKE/IPSEC tunnels in a virtual routing instance (VR).

* Node: SRX 240H

* JunOS version: 11.4R4.4

* firewall running in a active/standby Cluster

1) I need to know if it is possible to establish IKE/IPSEC tunnels in a virtual routing instance (VR), using Policy-based IPSec VPN, with reth interfaces in the VR ?

Using reth (reth.x as vlan will be used) interfaces is different than the configuration example given in KB1423. So, I prefer to ask.

2) By the way, all my Security Zones (named Green and Blue in KB1423) will share the same virtual routing instance: in that case, is it necessary to use rib-groups ?

Thanks,

Estelle