Project

General

Profile

Interoperability with Juniper brand devices » History » Version 1

Version 1/2 - Next » - Current version
Noel Kuntze, 02.06.2020 02:17
Interoperability with Juniper brand devices


Interoperability with Juniper brand devices

Known Quirks

The following quirks are known:
Software Version Quirks
SRX firmware * * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them.
* Errors during IKE negotiation are sent as unprotected INFORMATIONAL messages, which are not processed by strongSwan because they are unprotected (although at that point in time, the shared key is already negotiated and hence the packets can be protected)

Configurations

For site-to-site tunnels, the aptly named configuration examples from the UsableExamples page can be used.
For roadwarrior type tunnels, it is analogous.