Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Does ScreenOS support IPSec esp-null?

0

0

Article ID: KB8978 KB Last Updated: 24 Aug 2010Version: 3.0
Summary:

With ScreenOS 5.0, for either the encryption or authentication algorithm you can select NULL; however, you cannot select NULL for both simultaneously.

Symptoms:
Can you select esp-null for both encryption and authentication?
Solution:

No, esp-null can be selected for either encryption or authentication, not both.

Sample esp-null configuration:

set ike p2-proposal "nopfs-esp-null-md5" no-pfs esp null md5 second 3600

ns5gt-> get ike p2-proposal
Id Name                 Grp Protocol Enc_alg Auth_alg Lifetime   Lifesize
-- -------------------- --- -------- ------- -------- ---------- ----------
 0 nopfs-esp-des-md5      0 ESP      DES     MD5            3600          0
 1 nopfs-esp-des-sha      0 ESP      DES     SHA-1          3600          0
 2 nopfs-esp-3des-md5     0 ESP      3DES    MD5            3600          0
 3 nopfs-esp-3des-sha     0 ESP      3DES    SHA-1          3600          0
 4 nopfs-esp-aes128-md5   0 ESP      AES128  MD5            3600          0
 5 nopfs-esp-aes128-sha   0 ESP      AES128  SHA-1          3600          0
 6 g2-esp-des-md5         2 ESP      DES     MD5            3600          0
 7 g2-esp-des-sha         2 ESP      DES     SHA-1          3600          0
 8 g2-esp-3des-md5        2 ESP      3DES    MD5            3600          0
 9 g2-esp-3des-sha        2 ESP      3DES    SHA-1          3600          0
10 g2-esp-aes128-md5      2 ESP      AES128  MD5            3600          0
11 g2-esp-aes128-sha      2 ESP      AES128  SHA-1          3600          0
12 nopfs-esp-null-md5     0 ESP      NULL    MD5            3600          0
  Total Phase 2 proposals: 13
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search