On Cisco 3620 I can make following config ...
!
interface Tunnel22
no ip address
tunnel source 2.3.4.5
tunnel destination 6.7.8.9
tunnel key 234234234
!
In RFC 1701 is written ...
Packet header
The GRE packet header has the form:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|C|R|K|S|s|Recur| Flags | Ver | Protocol Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum (optional) | Offset (optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key (optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number (optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Routing (optional)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Flags and version (2 octets)
The GRE flags are encoded in the first two octets. Bit 0 is the
most significant bit, bit 15 is the least significant bit. Bits
13 through 15 are reserved for the Version field. Bits 5 through
12 are reserved for future use and MUST be transmitted as zero.
...
Key Present (bit 2)
If the Key Present bit is set to 1, then it indicates that the Key
field is present in the GRE header. Otherwise, the Key field is
not present in the GRE header.
on srx240 I do not see such option ...
# set interfaces gr-0/0/0.0 tunnel ?
Possible completions:
allow-fragmentation Do not set DF bit on packets
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
destination Tunnel destination
do-not-fragment Set DF bit on packets
no-path-mtu-discovery Don't enable path MTU discovery for tunnels
path-mtu-discovery Enable path MTU discovery for tunnels
> routing-instance Routing instance to which tunnel ends belong
source Tunnel source
ttl Time to live (0..255)
[edit]
Also: is "gre key" option (feature) supported on SRX?