Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  What is Phase 1 and Phase 2 proposals?

    Posted 07-28-2009 23:52

    What is Phase 1 and Phase 2 proposals?

     

    Is there any difference between them?

     

    Why and where do we need them?

     

    I know I can find the answers by searching the knowledge base but it will be nice if someone can find it for me until I return to work tomorrow.

     

    Thanks !



  • 2.  RE: What is Phase 1 and Phase 2 proposals?
    Best Answer

    Posted 07-29-2009 00:30

    I recommend you to study the Config Guide for, for instance, the 320M, there comes a detailed explanation about VPN. From this way, you'll be able to know what is Tunnel and Transport Mode, Main and Agressive Modes...and when you must use them...There you can see:

     

    - Phase 1:  Phase 1 of an AutoKey IKE tunnel negotiation consists of the exchange of proposals for how to authenticate and secure the channel. The exchange can be in one of two modes: Aggressive or Main.

    - Phase 2: After the participants have established a secure and authenticated channel, they proceed through Phase 2, in which they negotiate the SAs to secure the data to be transmitted through the IPSec tunnel.

     

    This is a very brief summary about VPN, if you want to understand really how VPN works read the document.

     

    Regards