Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec site-to-site peer <peer> tunnel <tunnel> protocol <protocol>

Specifies the protocol to match for traffic to enter the tunnel.

set security vpn ipsec site-to-site peer <peer> tunnel <tunnel> protocol <protocol>
delete security vpn ipsec site-to-site peer <peer> tunnel <tunnel> protocol
show security vpn ipsec site-to-site peer <peer> tunnel <tunnel> protocol

The default is all.

peer
Mandatory. The address of the far-end VPN gateway. The format is an IPv4 address, an IPv6 address, a hostname (IPv4 networks only), an authentication ID, or 0.0.0.0.
tunnel
Mandatory. Multi-node. An integer that uniquely identifies this tunnel configuration for this peer VPN gateway. Each tunnel corresponds to a distinct connection configuration. The numbers range from 0 through 4294967295.

A given VPN peer may have more than one tunnel configuration, but each peer must have at least one. To define more than one tunnel configuration for a peer, create multiple tunnel configuration nodes within the peer configuration.

protocol
Any protocol literals or numbers listed in the file /etc/protocols can be used. The keywords tcp_udp (for both TCP and UDP) and all (for all protocols) are also supported.

Configuration mode

security {
    vpn {
        ipsec {
            site-to-site {
                peer <peer> {
                    tunnel <tunnel> {
                        protocol <protocol>
                    }
                }
            }
        }
    }
}

Use this command to specify the protocol to match for traffic to enter the tunnel.

Use the set form of this command to specify the protocol.

Use the delete form of this command to remove protocol configuration.

Use the show form of this command to view protocol configuration.
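
Added example (not part of the Vyatta documentation): a Python script that reads set commands and reports the protocol selector of each tunnel, treating an unset protocol as the default all and flagging values that are neither listed in /etc/protocols nor one of the keywords tcp_udp and all. The sample commands, the /etc/protocols excerpt, the function names, and the exact-match comparison against names and aliases are assumptions made for illustration.

```python
# Added example: audit the protocol selector of each site-to-site tunnel.
PREFIX = "set security vpn ipsec site-to-site peer".split()
KEYWORDS = {"all", "tcp_udp"}  # keywords the page lists besides /etc/protocols

# Constructed excerpt in /etc/protocols layout (name, number, aliases, # comment).
SAMPLE_PROTOCOLS = """\
icmp  1   ICMP       # internet control message protocol
tcp   6   TCP        # transmission control protocol
udp   17  UDP        # user datagram protocol
gre   47  GRE        # generic routing encapsulation
esp   50  IPSEC-ESP  # encapsulating security payload
"""

# Constructed configuration commands; addresses are documentation ranges.
SAMPLE_CONFIG = """\
set security vpn ipsec site-to-site peer 192.0.2.1 tunnel 1 protocol gre
set security vpn ipsec site-to-site peer 192.0.2.1 tunnel 2 protocol tcp_udp
set security vpn ipsec site-to-site peer 192.0.2.1 tunnel 3
set security vpn ipsec site-to-site peer 198.51.100.7 tunnel 1 protocol 17
set security vpn ipsec site-to-site peer 198.51.100.7 tunnel 2 protocol tpc
"""

def load_protocols(text):
    """Return the names/aliases and the numbers listed in /etc/protocols text."""
    names, numbers = set(), set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[1].isdigit():
            names.update([fields[0], *fields[2:]])
            numbers.add(int(fields[1]))
    return names, numbers

def audit(config=SAMPLE_CONFIG, protocols=SAMPLE_PROTOCOLS):
    """Map (peer, tunnel) to (protocol, status) for every tunnel found."""
    names, numbers = load_protocols(protocols)
    result = {}
    for line in config.splitlines():
        tok = line.split()
        if tok[:6] != PREFIX or len(tok) < 9 or tok[7] != "tunnel" or not tok[8].isdigit():
            continue
        key = (tok[6], int(tok[8]))
        result.setdefault(key, ("all", "default"))  # unset means the default, all
        if len(tok) == 11 and tok[9] == "protocol":
            value = tok[10]
            known = value in KEYWORDS or value in names or (
                value.isdigit() and int(value) in numbers)
            result[key] = (value, "ok" if known else "invalid")
    return result

if __name__ == "__main__":
    for (peer, tunnel), (proto, status) in sorted(audit().items()):
        print(f"peer {peer} tunnel {tunnel}: protocol {proto} [{status}]")
```

Tunnels reported as default match every protocol, which is worth reviewing when the tunnel was meant to carry only one kind of traffic.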