Tag: Netscreen

How to Remove Juniper Netscreen Tunnel Interface

1. Delete all routes for all VR’s

set route 10.0.0.0/24 interface tunnel.1 preference 20
set route 10.0.0.0/24 interface tunnel.1 preference 20

2. Delete all policy entries

set policy id 1 name "Policy Name" from "Trust" to "Untrust"  "Local" "Remote" "HTTPS" permit
set policy id 1
set service "Remote-services"
exit
set policy id 2 from "Untrust" to "Trust"  "Remote" "Local" "ANY" permit
set policy id 2
set dst-address "Trust-networks"
exit

3. Delete all policy elements

set address "Untrust" "Network Name" 10.63.194.0 255.255.255.0

4. Delete all interface bindings. Via web interface you should edit AutoKey IKE entry by removing interface binding first (advanced settings), only after delete the AutoKey IKE

set vpn "PH2_Policy" id 0x1b9 bind interface tunnel.1

5. Delete AutoIKE entry

set vpn "PH2_Policy" gateway "PH1_Policy" no-replay tunnel idletime 0 sec-level standard
set vpn "PH2_Policy" monitor source-interface ethernet0/1 optimized rekey
set interface tunnel.1 ip unnumbered interface ethernet0/1

6. Delete the tunnel Interface

set interface "tunnel.1" zone "Untrust"