Table of Contents
Advertisement
Network and Security Manager Administration Guide
Creating L2TP Over Autokey IKE VPNs
Adding VPN Rules
590
Use the default settings to use the default authentication server for the domain. To
change or assign a domain authentication server, edit the domain settings.
Use custom settings to specify a preconfigured authentication server object to assign
TCP/IP settings to the gateway and authenticate specific L2TP User or User Groups.
Adding a VPN Rule
After you have configured the VPN on each device you want to include in the VPN, you
can add a VPN rule to a security policy:
For policy-based VPNs, you must add a VPN rule to create the VPN tunnel.
For route-based VPNs, the VPN tunnel is already in place. However, you might want
to add a VPN rule to control traffic through the tunnel.
For details on adding VPN rules to a security policy, see "Adding VPN Rules" on page 590.
Creating a device-level L2TP-over-Autokey IKE VPN is a multi-stage process:
Add L2TP Users (see "Adding L2TP Users" on page 589)
1.
Configure L2TP Settings (see "Configuring L2TP" on page 589)
2.
Configure Peer Gateway (see "Configuring Gateways" on page 578)
3.
Configure Routes (Route-based only) (see "Configuring Routes (Route-based only)"
4.
on page 582)
Add VPN to Device (see "Configuring the VPN" on page 582)
5.
Add VPN rules to security policy (see "Adding a VPN Rule" on page 590)
6.
To create a policy-based VPN or to add access policies to a route-based VPNs, you must
add a VPN rule to a security policy for each device in the VPN.
Adding a VPN Rule is a three stage process:
Configuring the VPN on page 590
Configuring the Security Policy on page 591
Assign and Install the Security Policy on page 591
Configuring the VPN
In Security Policies, select a predefined security policy (or create a new policy), and add
a VPN rule. right-click in the Source Address, Destination Address, Action, or Install On
column and select Configure VPN to display the Configure VPN dialog box.
Select the source security device that contains the termination interface for the VPN
1.
tunnel.
Select a VPN Type:
2.
For IKE VPNs, select the VPN that you configured on the device.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers