Table of Contents
Advertisement
Network and Security Manager Administration Guide
About VPNs
Creating System-Level VPNs with VPN Manager
528
With Network and Security Manager (NSM), you can use basic networking principles and
your Juniper Networks security devices to create VPNs that connect your headquarters
with your branch offices and your remote users with your protected networks.
NSM supports tunnel and transport modes for AutoKey IKE, Manual Key, L2TP, and
L2TP-over-AutoKey IKE VPNS in policy or route-based configurations. You can create
the VPN at the system-level or device-level:
System-Level VPN (VPN Manager)—Design a system level VPN and automatically set
up connections, tunnels, and rules for all devices in the VPN.
Device-Level VPN (Device Manager)—Manually configure VPN information for each
security device, then add VPN rules to a security policy to create a policy-based VPN
or configure routes on each security device to create a route-based VPNs.
NOTE: Each VPN that a device belongs to reduces the maximum number of templates
by one. This includes VPNs configured in VPN Manager and VPNs configured at the
device-level. You can apply a maximum of 63 templates to a single device.
For AutoKey IKE and L2TP VPNs, create the VPN at the system-level using VPN Manager.
VPN Manager supports:
AutoKey IKE VPNs—In policy-based or route-based modes. You can also create a
Mixed-Mode VPN to connect policy-based VPN members to route-based VPNs
members in a single VPN.
L2TP-over-AutoKey IKE RAS VPNs and L2TP RAS VPNs—Can connect and authenticate
multiple L2TP remote access services (RAS) users and protected resources with or
without encryption.
Reusable VPN Components—Create objects to represent your protected resources,
CA certificates and CRLs, custom IKE proposals, and NAT configurations, then use
these objects in multiple VPNs.
Compact and Expanded Views—Choose the Compact (default) or Expanded view to
create your VPN. Both views offer the same configuration options.
Autogenerated Tunnels—Create tunnel interfaces on each route-based VPNs member
automatically. Use the device tunnel summary to review all autogenerated tunnels in
the VPN.
Autogenerated VPN Rules—Create all VPN rules with a single click. NSM automatically
generates the rules between each policy-based VPN member. You can review these
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
