I undertand that now it is possible IKE v2 with traffic selectors, but I can't make it work. Please see the output from my FW. You can see that after I add the traffic-selector is telling me that I am missing statements that are clearly in the config. Have you encountered this? my box is an SRX4100 with 15.1X49-D150.2
xxxxxxx# show | compare
[edit security ipsec]
xxxxxxx { ... }
+ vpn xxxxxxxPH2_VPN {
+ bind-interface st0.xxxxxxx;
+ ike {
+ gateway xxxxxxx-PH1_Gateway;
+ ipsec-policy xxxxxxx-PH2_Policy;
+ }
+ }
+ vpn xxxxxxx-PH2-VPN {
+ traffic-selector xxxxxxx-Proxy1 {
+ local-ip xxxxxxx/32;
+ remote-ip xxxxxxxxxxxxxxxxxxxxx/32;
+ }
+ ## Warning: missing mandatory statement(s): 'manual' or 'ike'
+ }
xxxxxxx# commit check
[edit security ipsec vpn xxxxxxx-PH2-VPN]
'traffic-selector'
Bind-interface must be configured under [edit security ipsec vpn] hierarchy
[edit security ipsec]
'vpn xxxxxxx-PH2-VPN'
Missing mandatory statement: 'manual' or 'ike'
error: configuration check-out failed: (missing mandatory statements)
{primary:node0}[edit]
xxxxxxx#