Hi Arslan,

I understand that your query is regarding IPSEC routing policies on screen OD firewalls, please post your query on the Screen OS forum to get appropriate information

http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/bd-p/Firewalls

Regards,

Kannan

Dear Kalagesan

My query is regarding the IC. Juniper documentation saying that with screen os earlier 6.1 we need to configure the screen os ipsec policies and an ipsec routing policy for each recource that we wnat to protect however with screen os 6.1 and later IC device can dynamically provision ipsec routing policies so we dont need to configure a seperate policy for each resource.

My question is how this ipsec policy works and how we can configure it?

Hi,

Navigate to IC ADMIN GUI --> UAC --> Infranet Enforcer --> IPSec Routing --> Configured Poicy --> Resources

Check the box named Dynamic

Note: If I have answered your question, you could mark this post as accepted solution, that way it helps others. Kudous is a bonus thanks.

Regards,

Raveen

Hi Arslan,

IPSec routing policy is used in IC for IPSEC enforcement, the configuration option is mentioned by Raveen in the previuos update. The detailed used case is covered in UAC Interoperability with the ScreenOS Enforcer guide under "Using IPsec with the Infranet Enforcer" section.

Please refer the same for more information.

http://www.juniper.net/techpubs/software/uac/4.2xguides/j-ic-uac-4.2-uacscreenos.pdf

Regards,
Kannan

Yes I read this topic in admin guide... Actually I read all the topics in admin guide.... I have confusion regarding provisioning the resources with dynamic ipsec routing policies. This feature is not supported on JUNOS enforcer it is only supported screen os with release 6.3. With this feature we do not need to configure the ipsec policies for each resource on ic.

Any how thanks a lot for the support.

best regards

Arslan Nawaz

why use IPSEC policy, when you can use a certificate.