1676358692,

有谁做过，h3c接Juniper 

是不是加密方式相同，秘钥相同就可以建立隧道了

组网及组网描述：

IDC-SSG55

  set zone id 1

 unset zone HDQD tcp-rst

 set interface "tunnel.11" zone HDQD

 set interface tunnel.11 ip unnumbered interface ethernet

 set address "HDQD" "1

set ike p1-proposal “P1-Prop” preshare group2 esp 3des sha-1 second 288

 set ike p2-proposal “P2-Porp” group1 esp 3des sha-1 second 36

set ike gateway "IDC HDQD" address y.y.y.y Main outgoing-interface e

 set vpn "IDC HDQD" gateway "IDC HDQD" no-replay tunnel idletime

set ike gateway "IDC HDQD" address y.y.y.y Main outgoing-interface e

set vpn "IDC HDQD" gateway "IDC HDQD" no-replay tunnel idletime

set vpn "IDC HDQD" monitor

set vpn "IDC HDQD" bind interface tunnel.11

unset interface tunnel.11 acvpn-dynamic-routing

set policy id 75

set src-address "y.y.y.y"

set policy id 88 from "Trust" to "HDQD" "1

set policy id 89 from "HDQD" to "Trust" "1

 set policy id 9

 set policy id 91 from "HDQD" to "AthenaSH" "1

 set policy id 92 from "VPN-HDSH" to "HDQD" "1

 set policy id 93 from "HDQD" to "VPN-HDSH" "1

 set policy id 94 from "VPN-HDNB2" to "HDQD" "1

 set src-address "1

 set dst-address "1

 set policy id 97 from "HDQD" to "athenahz" "1

 set policy id 98 from “HDQD” to “HDBJ” “1

 set policy id 99 from “HDBJ” to “HDQD” “1

 set route 1

2

不要管juniper的配置形式，只要华三的配置方式正确就ok了，当然秘钥和加密方式要一致，以及隧道对方指对了。

2

感谢

64

配置都要对上，sa两个都没起来吗，debug一下有啥报错

2

大神，我的意思是h3c的该如何配置，这个配置看不太懂，还没有进行配置呢

64

CRM论坛（CRMbbs.com）——一个让用户更懂CRM的垂直性行业内容平台,CRM论坛致力于互联网、客户管理、销售管理、SCRM私域流量内容输出5年。 如果您有好的内容，欢迎向我们投稿，共建CRM多元化生态体系，创建CRM客户管理一体化生态解决方案。,防火墙1060，和Juniper-SSG 进行IPsec VPN对接，