Table of Contents
Advertisement
Copyright © 2010, Juniper Networks, Inc.
Ethernet1 is the Trust IP (10.2.2.1/24) in the Trust zone.
Ethernet3 is the Untrust IP (2.2.2.2/24) in the Untrust zone.
Create the address objects that you use for the VPN rule in the firewall rulebase
(for details on creating VPN rules, see "Adding VPN Rules" on page 615).
Add the Tokyo Trust LAN (10.1.1.0/24) as a network address object. In Address Objects,
3.
click the Add icon and select Network. Configure the following, then click OK:
Add the Tokyo and Paris security devices (for details on adding devices:
4.
For Name, enter Tokyo Trust LAN.
For IP Address/Netmask, enter 10.1.1.0/24.
For Color, select magenta.
For Comment, enter Tokyo Trust Zone.
Add the Paris Trust LAN (10.2.2.0/24) as a network address object. In Address Objects,
5.
click the Add icon and select Network. Configure the following, then click OK:
For Name, enter Paris Trust LAN.
For IP Address/Netmask, enter 10.2.2.0/24.
For Color, select magenta.
For Comment, enter Paris Trust Zone.
Create the VPN. In the navigation tree, double-click VPN Manager. Right-click VPNs
and select AutoKey IKE VPN. The New AutoKey IKE VPN dialog box appears.
Configure as shown below:
In Name, enter Tokyo-Paris Route-based VPNs.
6.
Select Enable.
7.
In Termination Point, select Untrust.
8.
Click OK to save the VPN and return to VPN Manager. In VPN Manager, select the
9.
Tokyo-Paris Route-based VPNs.
Configure the route-based members:
10.
a. In the main display area, select the security device link (under Route-Based
Configuration) to display the zone and tunnel options. Configure the default zone
and tunnel options.
b. Click the Add icon to display available security devices. Select the Paris and Tokyo
devices.
c. Click OK to add the members to the VPN.
d. Ensure that the route-based members are configured.
e. Click OK to save your settings and return to the main display area.
f. Configure the VPN topology:
Chapter 12: Configuring VPNs
595
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers