Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 Manual page 265

Copyright © 2010, Juniper Networks, Inc.
For ESP/AH, select ESP CBC.
For Encryption Algorithm, select 3DES-CBC.
Select Generate Key by Password, and then enter the password asdlk24234.
For Authentication Algorithm, select SHA-1.
Select Generate Key by Password, and then enter the password PNas134a.
Select the Binding tab. Select Tunnel Interface, and then select tunnel.1.
Click OK to save the new VPN.
10.
Create Tokyo routes:
11.
In the device navigation tree, select Network > Virtual Router to display the list of
virtual routers on the device. Double-click the trust-vr route to open the vr for editing.
In the virtual router dialog box, click Routing Table, and then click the Add icon
under destination-based routing table to add a new static route.
NOTE: ScreenOS 5.0.x devices display destination-based and
source-based routing tables; ScreenOS 5.1 and later devices display
destination-based, source-based, and source interface-based routing
tables.
Configure a route from the untrust interface to the gateway, and then click OK.
12.
Configure route from the trust zone to the tunnel interface, and then click OK.
13.
Click OK to save your changes to the virtual router, and then click OK to save your
14.
changes to the Tokyo device.
Configure the Paris tunnel interface:
15.
In Device Manager, double-click the device icon for Paris to open the device
configuration.
In the device navigation tree, select Network > Interface. Click the Add icon and
select Tunnel Interface. The General Properties screen appears.
Configure the following settings, and then click OK:
16.
For Zone, select untrust.
For IP Options, select Unnumbered.
For Source Interface, select ethernet3.
Create the Paris VPN:
17.
In the device navigation tree, select VPN Settings > AutoKey IKE/Manual VPN.
Select the Manual tab, and then click the Add icon. The Properties screen appears.
Configure the following settings:
18.
Chapter 8: Configuring VPNs
241