---
- name: Juniper Site-to-Site VPN Creation
  hosts: localhost
  gather_facts: no
  #connection: ansible.netcommon.netconf
  become: yes
  tasks:
    - name: creation of VPN tunnel between two sites
      junos_config:
        lines:
          - set security zones security-zone {{zoneName}} host-inbound-traffic system-services ike
          - set interfaces {{interfaceNumber}} unit {{interfaceUnit}} family inet
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}}
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}} host-inbound-traffic system-services {{InterfaceServices}}
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}} host-inbound-traffic protocols {{InterfaceProtocol}}
          - set security ike proposal {{ikeProposalName}} description {{description}}
          - set security ike proposal {{ikeProposalName}} authentication-method {{methodName}}
          - set security ike proposal {{ikeProposalName}} dh-group {{groupName}}
          - set security ike proposal {{ikeProposalName}} authentication-algorithm {{ikeAuthAlgorithmName}}
          - set security ike proposal {{ikeProposalName}} encryption-algorithm {{ikeEncAlgorithmName}}
          - set security ike proposal {{ikeProposalName}} lifetime-seconds {{seconds}}
          - set security ike policy {{ikePolicyName}} description {{description}}
          - set security ike policy {{ikePolicyName}} mode {{modeName}}
          - set security ike policy {{ikePolicyName}} proposals {{ikeProposalName}}
          - set security ike policy {{ikePolicyName}} pre-shared-key ascii-text {{sharedKey}}
          - set security ike gateway {{gatewayName}} external-interface {{externalInterfaceName}}
          - set security ike gateway {{gatewayName}} ike-policy {{ikePolicyName}}
          - set security ike gateway {{gatewayName}} address {{remoteIPAddress}}
          - set security ike gateway {{gatewayName}} version {{ikeVersion}}
          - set security ipsec proposal {{ipsecProposalName}} description {{description}}
          - set security ipsec proposal {{ipsecProposalName}} protocol {{protocolName}}
          - set security ipsec proposal {{ipsecProposalName}} authentication-algorithm {{ipsecAuthAlgorithmName}}
          - set security ipsec proposal {{ipsecProposalName}} encryption-algorithm {{ipsecEncAlgorithmName}}
          - set security ipsec proposal {{ipsecProposalName}} lifetime-seconds {{phase2seconds}}
          - set security ipsec policy {{ipsecPolicyName}} proposals {{ipsecProposalName}}
          # - set security ipsec policy {{ipsecPolicyName}} perfect-forward-secrecy keys {{pfsGroupName}}
          - set security ipsec vpn {{vpnName}} ike gateway {{gatewayName}}
          - set security ipsec vpn {{vpnName}} ike ipsec-policy {{ipsecPolicyName}}
          - set security ipsec vpn {{vpnName}} bind-interface {{VPNinterfaceName}}
          # Junos accepts only immediately | on-traffic | responder-only for establish-tunnels
          - set security ipsec vpn {{vpnName}} establish-tunnels {{TunnelEstablish}}
          - set security address-book global address {{sourceObjectName}} {{SubnetValueSrc}}
          - set security address-book global address {{destinationObjectName}} {{SubnetValueDst}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match source-address {{sourceObjectName}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match destination-address {{destinationObjectName}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match application {{applicationNames}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match source-identity {{sourceIdentity}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} then permit
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match source-address {{destinationObjectName}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match destination-address {{sourceObjectName}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match application {{applicationNames}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} then permit
          - set routing-options static route {{SubnetValueDst}} next-hop {{VPNinterfaceName}}
        provider:
          host: xxxxx
          username: xxxx
          password: xxxx
      tags:
        - junos_SitetoSiteVpn_creation
I have tried with both local and netconf connection but I am getting the below error:
msg": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><rpc-error xmlns=\"urn:ietf:params:xml:ns:netconf:base:1.0\" xmlns:junos=\"http://xml.juniper.net/junos/20.2R0/junos\" xmlns:nc=\"urn:ietf:params:xml:ns:netconf:base:1.0\">\n<error-type>protocol</error-type>\n<error-tag>operation-failed</error-tag>\n<error-severity>error</error-severity>\n<error-message>invalid value</error-message>\n<error-info>\n<bad-element>immediate</bad-element>\n</error-info>\n</rpc-error>\n"
}
Can someone help here to get it working?
Thanks in advance.
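The rpc-error above names the rejected token (`bad-element`), so the failing `set` line can be found before or after the push. The following is an added example, not code from the post: it renders a couple of the playbook's lines from hypothetical variable values (`gw-siteB`, `vpn-siteB`, and `TunnelEstablish` set to `immediate`), lints the enumerated knobs against the values Junos accepts (a hand-picked subset, not the full schema), and parses a NETCONF `<rpc-error>` constructed from the one quoted above to map its `bad-element` back to the offending line.

```python
import re
import xml.etree.ElementTree as ET

NC = "{urn:ietf:params:xml:ns:netconf:base:1.0}"
# Enumerated knobs from the playbook and the values Junos accepts for them.
# Assumption: a hand-picked subset of the Junos schema, not a complete one.
RULES = [
    (r"^set security ipsec vpn \S+ establish-tunnels (\S+)$",
     {"immediately", "on-traffic", "responder-only"}),
    (r"^set security ike policy \S+ mode (\S+)$", {"main", "aggressive"}),
    (r"^set security ike gateway \S+ version (\S+)$", {"v1-only", "v2-only"}),
]

def render(template_lines, variables):
    """Substitute {{var}} placeholders as the playbook's Jinja vars would be."""
    return [re.sub(r"\{\{\s*(\w+)\s*\}\}", lambda m: str(variables[m.group(1)]), l)
            for l in template_lines]

def lint_set_lines(lines):
    """(line_number, value, allowed) for each set line whose enum value Junos rejects."""
    problems = []
    for number, line in enumerate(lines, 1):
        for pattern, allowed in RULES:
            m = re.match(pattern, line.strip())
            if m and m.group(1) not in allowed:
                problems.append((number, m.group(1), sorted(allowed)))
    return problems

def parse_rpc_error(xml_text):
    """Extract error-tag, error-message and bad-element from a NETCONF <rpc-error>."""
    root = ET.fromstring(xml_text)
    return {"tag": root.findtext(f"{NC}error-tag"),
            "message": root.findtext(f"{NC}error-message"),
            "bad_element": root.findtext(f"{NC}error-info/{NC}bad-element")}

def locate_bad_element(lines, bad_element):
    """Line numbers of the rendered set commands that carry the rejected token."""
    return [n for n, line in enumerate(lines, 1) if bad_element and bad_element in line.split()]

# Constructed sample: two playbook lines, with TunnelEstablish mis-set to "immediate".
TEMPLATE = ["set security ike gateway {{gatewayName}} version {{ikeVersion}}",
            "set security ipsec vpn {{vpnName}} establish-tunnels {{TunnelEstablish}}"]
VARS = {"gatewayName": "gw-siteB", "ikeVersion": "v2-only",
        "vpnName": "vpn-siteB", "TunnelEstablish": "immediate"}
# Constructed from the <rpc-error> quoted in the post (junos/nc prefixes dropped).
RPC_ERROR = ("<rpc-error xmlns='urn:ietf:params:xml:ns:netconf:base:1.0'>"
             "<error-type>protocol</error-type><error-tag>operation-failed</error-tag>"
             "<error-severity>error</error-severity><error-message>invalid value</error-message>"
             "<error-info><bad-element>immediate</bad-element></error-info></rpc-error>")
```

Running `lint_set_lines(render(TEMPLATE, VARS))` flags line 2 with the allowed spellings, and `locate_bad_element(..., parse_rpc_error(RPC_ERROR)["bad_element"])` points at the same line.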