Configuring ScreenOS Devices Guide
Related
Documentation
Device-Level Manual Key VPN: Using VPN Configuration Overview
Device-Level Manual Key VPN Properties
Table 58: Device-Level Manual Key VPN Properties
Device-Level Manual Key
VPN Properties
VPN Name
Gateway
Local SPI
Remote SPI
Outgoing Interface
Do not set Fragment Bit in
the Outer Header
232
zones, tunnel interfaces, and static or dynamic routes, see "Configuring Virtual Routers
Overview" on page 294.
After you have configured the tunnel zone or interface on the security device, you must
bind the VPN to that zone or interface to make the VPN functional.
Device-Level AutoKey IKE VPN: Using VPN Configuration Overview on page 227
Device Level Manual Key VPN: Using VPN Rule Configuration Overview on page 234
Device-Level AutoKey IKE VPN: Using VPN Rule Configuration Overview on page 230
The following topics explain how to configure device-level manual key VPN using VPN
configuration:
Device-Level Manual Key VPN Properties on page 232
Binding on page 233
Monitor Management on ScreenOS Devices Using Manual Key VPN on page 233
Enter the following values to configure device-level manual key using VPN configuration
as described in Table 58 on page 232.
Your Action
Enter a name for the VPN.
Enter a gateway for the VPN.
Specify the local Security Parameter Index. This option also supports IPv6.
Specify the remote Security Parameter Index. This option also supports IPv6.
Specify the outgoing interface, which is the interface on the security device that sends and
receives VPN traffic. Typically, the outgoing interface is in the untrust zone.
Select the fragment bit to control how the IP packet is fragmented when traveling across
networks.
Clear—Use this option to enable IP packets to be fragmented.
Set—Use this option to ensure that IP packets are not fragmented.
Copy—Select to use the same option as specified in the internal IP header of the original
packet.
Copyright © 2010, Juniper Networks, Inc.