service-set (Services)
Syntax service-set service-set-name {
allow-multicast;
captive-portal-content-delivery-profile;
extension-service service-name {
provider-specific-rules-configuration;
}
(ids-rules rule-name | ids-rule-sets rule-set-name);
interface-service {
load-balancing-options {
hash-keys {
egress-key (destination-ip | source-ip);
ingress-key (destination-ip | source-ip);
}
}
service-interface interface-name;
}
ipsec-vpn-options {
anti-replay-window-size bits;
clear-dont-fragment-bit;
ike-access-profile profile-name;
local-gateway address;
no-anti-replay;
passive-mode-tunneling;
trusted-ca [ ca-profile-names ];
tunnel-mtu bytes;
udp-encapsulation {
<udp-dest-port destination-port>;
}
}
ip-reassembly-rules rule-name};
(ipsec-vpn-rules rule-name | ipsec-vpn-rule-sets rule-set-name);
max-flows number;
max-drop-flows {
ingress ingress-flows;
egress egress-flows;
}
max-session-creation-rate max-setup-rate;
nat-options {
land-attack-check (ip-only | ip-port);
max-sessions-per-subscriber session-number;
stateful-nat64{
clear-dont-fragment-bit;
}
}
(nat-rules rule-name | nat-rule-sets rule-set-name);
next-hop-service {
inside-service-interface interface-name.unit-number;
outside-service-interface interface-name.unit-number;
outside-service-interface-type local;
service-interface-pool name;
}
(pgcp-rules rule-name | pgcp-rule-sets rule-set-name);
Copyright © 2017, Juniper Networks, Inc.1710
ACX Series Universal Access Router Configuration Guide
To Next Page
Loading...
