Interoperability with Juniper brand devices » History » Version 1
Interoperability with Juniper brand devices¶
Known Quirks¶The following quirks are known:
|SRX firmware||*|| * IKEv2 is only supported with a single set of subnets per CHILD_SA. Thus the same workaround for IKEv1 has to be used with them.
* Errors during IKE negotiation are sent as unprotected INFORMATIONAL messages, which are not processed by strongSwan because they are unprotected (although at that point in time, the shared key is already negotiated and hence the packets can be protected)
For site-to-site tunnels, the aptly named configuration examples from the UsableExamples page can be used.
For roadwarrior type tunnels, it is analogous.