Ask the Expert

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

Expand all | Collapse all

SRX Policy Based VPN and IKEv2

  • 1.  SRX Policy Based VPN and IKEv2

    Posted 04-26-2021 08:43
    Hi ,

    I wanted to know if SRX supports the use of policy based VPN with IKEv2 as I understand traffic selectors are only supported on newer versions Junos using IKEv2 .

    Thanks
    Stan

    ------------------------------
    Stanley Hou
    ------------------------------


  • 2.  RE: SRX Policy Based VPN and IKEv2

    Posted 04-27-2021 05:11
    Hello Stan,
       ikev2 is only supported on route-based ipsec vpn (based on experience). I think its more flexible since you can manipulate who goes out to the tunnel internface.

    The only issue here is that if the 3rd party firewall doesn't support route-based.

      You can check out the document here if you like : > Policy-Based IPsec VPNs | IPsec VPN User Guide for Security Devices | Juniper Networks TechLibrary

    Thanks,
    Leangf

    ------------------------------
    Leangf Leangf
    ------------------------------



  • 3.  RE: SRX Policy Based VPN and IKEv2

    Posted 04-27-2021 08:07
    ​Hello Leangf,

    I have come across that document in the past  but didn't see any mention of IKEv2/IKEv1 support.

    Had a hunch that IKEv2 on policy based VPN won't be supported, thanks for your reply.

    Thanks
    Stan

    ------------------------------
    Stan
    ------------------------------