JUNOS vpn config question

Berg0

[H]ard|Gawd
Joined
May 16, 2005
Messages
1,038
I'll post this is the correct forum now.. D'oh

Hi guys, another question for you regarding best practices on VPN config. Is it ok to share ike and ipsec proposal and policy config between secure tunnels? I know they would use the same PSK's, but does it matter? it seems kind of redundant to keep defining additional proposal and policy config for each new tunnel.

the tunnels are all between branch office clusters of SRX-100's
 

keenan

2[H]4U
Joined
Aug 5, 2009
Messages
2,695
I wouldn't share PSKs across multiple tunnels. Policies that don't include keys can certainly be shared though.
 
Top