Table of Contents
Advertisement
Copyright © 2010, Juniper Networks, Inc.
Changing Rule Position
The position of the rules indicates the order that they apply to traffic. To change the
position of a rule, you can:
Right-click the rule and select Move Rule Up or Move Rule Down, or
Right-click the rule and select Change Rule Position. In the New Position dialog box,
enter a new rule number for this rule. (The rule number is the first column in the policy
table.)
Filtering Rules
You can also filter the VPN rules by zones using the Zone Filter in the upper right-hand
corner of the VPN rule window. Select a zone in From Zone and/or the To Zone to order
the rules as desired.
To save this rule order, click Apply.
Configuring Rule Options
You can configure rule options for each rule, including traffic shaping, logging, antivirus
and attack objects, and protection actions. For details on configuring these options.
Editing Device Configuration
For all VPNs, you can edit the device configuration for each VPN member. The device
configuration displays the interfaces, gateways, and other VPN configuration information
for each individual device.
Overriding Interfaces
For route-based and mixed-mode VPNs, this displays the tunnel interfaces and virtual
routers configured on the VPN member. To override the general properties and dynamic
routing protocols for each tunnel interface, right-click the tunnel interface and configure
the settings.
NOTE: The changes you make to a Virtual Router in the Overrides area apply to the
device configuration, not just the VPN configuration. When you change a VR setting in
VPN manager, that change is saved and applied to the device when you save and apply
the VPN. Similarly, when you change a VR setting for the device configuration in Device
Manager, that change is reflected in the VPN configurations that includes the device.
For policy-based VPNs, no tunnel interfaces appear.
Overriding AutoKey IKE VPN Settings
For VPNs that use AutoKey IKE, this displays the VPN name, remote gateway, and IPSec
Mode for each tunnel in the VPN. To override the general properties, security,
binding/proxyID, and monitoring option for each VPN tunnel, right-click the VPN name
and configure the settings as desired.
Overriding Gateways
For all VPNs, this displays the gateway name, gateway mode, IP address, and IKE phase
I proposals for each VPN gateway. To override the general properties, security, and IKE
Chapter 11: Configuring VPNs
559
Advertisement
Table of Contents
