Hello,
@Regalis wrote:
HI,
Yes I have seen that document and it appears to be a policy based configuration.
It is not. It is route-based IPSec and SRX-style policy-based IPSec is not supported on MX.
It is true that You have to configure a policy to populate proxy-ids BUT You HAVE to use routing to direct traffic into MX IPSec interface.
@Regalis wrote:
HI,
. I want to use a route based VPN that allows me to run a routing protocol across it.
This config allows to run Your chosen protocol, even multicast-based such as OSPFv2, without additional GRE encaps, unlike CSCO.
@Regalis wrote:
HI,
The configuration on the link uses policy to direct traffic across the tunnel
This policy is just for proxy-id creation.
@Regalis wrote:
HI,
binding an interface that will become one end of a point to point link. On an SRX this would be the st0 interface.
The MX MS-MIC equivalent is ms-x/y/z.w logical interface which is marked as "inside" in the config.
HTH
Thx
Alex