What needs to be configured during phase 2 of a route-basedVPN, thatdoes not have to be configured during a policy-based VPN? (assumeboth devices areNetScreensusing route-basedVPNs)
Route-basedVPNs, like policy-basedVPNs, can also use either manual key orautokeyIKE, but are configured and function somewhat differently. Route-basedVPNsdo not make reference to a tunnel object, but rather the destination address of the traffic. When theNetScreen appliance performs a route lookup to see which interface it should use to send the traffic, it sees there is a route through a tunnel interface that is bound to a VPN tunnel and uses that interface to deliver the traffic.