EasyManua.ls Logo

GE MDS ORBIT ECR - Page 438

GE MDS ORBIT ECR
463 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
438 MDS Orbit MCR/ECR Technical Manual MDS 05-6632A01, Rev. F
# Bridge/LAN#2 interface configuration
set interfaces interface Bridge2 type bridge
set interfaces interface Bridge2 ipv4 address 192.168.2.1 prefix-length 24
set interfaces interface Bridge2 filter input IN_TRUSTED
set interfaces interface Bridge2 filter output OUT_TRUSTED
set interfaces interface Bridge2 bridge-settings members port ETH1
# Cell interface configuration
set interfaces interface Cell type cellular
set interfaces interface Cell enabled true
set interfaces interface Cell ipv4 dhcp point-to-point-connection true
set interfaces interface Cell filter input IN_UNTRUSTED
set interfaces interface Cell filter output OUT_UNTRUSTED
set interfaces interface Cell cell-config connection-profile PROFILE-1 bearer-config apn <CUSTOMER-APN>
# Loopback interface used as source address for GRE tunnels towards JUNOS
# This is required for GRE traffic to ride on IPsec tunnel
set interfaces interface LO-SRX240 type loopback
set interfaces interface LO-SRX240 ipv4 address 172.16.1.2 prefix-length 32
# IKE/IPsec configuration
set services vpn enabled true
set services vpn ike policy SRX240-IKE-POLICY auth-method pre-shared-key
set services vpn ike policy SRX240-IKE-POLICY pre-shared-key test123
set services vpn ike policy SRX240-IKE-POLICY ciphersuite CS1 encryption-algo aes128-cbc
set services vpn ike policy SRX240-IKE-POLICY ciphersuite CS1 mac-algo sha256-hmac
set services vpn ike policy SRX240-IKE-POLICY ciphersuite CS1 dh-group dh14
set services vpn ike peer SRX240-IKE-PEER ike-policy SRX240-IKE-POLICY
set services vpn ike peer SRX240-IKE-PEER local-identity default
set services vpn ike peer SRX240-IKE-PEER peer-endpoint address 172.18.175.40
set services vpn ike peer SRX240-IKE-PEER peer-identity default
set services vpn ike peer SRX240-IKE-PEER role initiator
set services vpn ipsec policy SRX240-IPSEC-POLICY ciphersuite CS1 encryption-algo aes128-cbc
set services vpn ipsec policy SRX240-IPSEC-POLICY ciphersuite CS1 mac-algo sha256-hmac
set services vpn ipsec policy SRX240-IPSEC-POLICY ciphersuite CS1 dh-group dh14
set services vpn ipsec connection SRX240 ike-peer SRX240-IKE-PEER
set services vpn ipsec connection SRX240 ipsec-policy SRX240-IPSEC-POLICY
set services vpn ipsec connection SRX240 local-ip-subnet 172.16.1.2/32
set services vpn ipsec connection SRX240 remote-ip-subnets 172.16.1.1/32
set services vpn ipsec connection SRX240 filter input IN_TRUSTED

Table of Contents

Related product manuals