I removed an old, and unused VPN from Security Director and then had to remove some of the config manually, per JTAC support. I only removed lines that contained the name of the specific VPN. Now, when I double check that Sec DIr and the CLI agree, in Security Director, where you can preview the changes in the Devices section, I see it wants to remove three sections of code from a section under Security->tcp-encap. I've looked at my other VPNs and they use the profile defined in that section, so I don't want to let Sec Dir remove it. I want to add that back to Sec Dir, but I can't find where to do that. Here is the section of code:
{primary:node0}[edit security tcp-encap]
sa.john_williamson@NONL-SRX01# show
profile sslvpn-profile {
ssl-profile sslvpn;
log;
}
profile sslvpn-mf-profile {
ssl-profile sslvpn-mf-profile;
}
global-options {
enable-tunnel-tracking;
}
Here is the change preview in Sec Dir
------------------------------
JOHN WILLIAMSON
------------------------------