Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual page 668

Network and Security Manager Administration Guide
618
For Comment, enter Paris Trust Zone.
Configure the Tokyo tunnel interface:
In the navigation tree, select Device Manager > Security Devices, then double-click
6.
the Tokyo device to open the device configuration.
In the device navigation tree, select Network > Interface. Click the Add icon and select
7.
Tunnel Interface. The General Properties screen for tunnel.1 appears.
Configure the following, then click OK:
8.
For Zone, select untrust.
For Zone, select untrust.
For IP Options, select Unnumbered.
For Source Interface, select ethernet3.
Create the Tokyo VPN:
In the device navigation tree, select VPN Settings > AutoKey IKE/Manual VPN.
9.
Select the Manual tab, then click the Add icon. The Properties screen appears.
10.
Configure the Properties tab as shown below:
For Name, enter Tokyo_Paris.
For Gateway, enter 2.2.2.2.
For Local SP, enter 3020.
For Remote SPI, enter 3030.
For Outgoing Interface, select ethernet3.
For ESP/AH, select ESP CBC.
For Encryption Algorithm, select 3DES-CBC.
Select Generate Key by Password, then enter the password asdlk24234.
For Authentication Algorithm, select SHA-1.
Select Generate Key by Password, then enter the password .
Select the Binding tab. Enable Tunnel Interface, then select tunnel1.
11.
Click OK to save the new VPN.
12.
Create Tokyo Routes:
13.
In the device navigation tree, select Network > Virtual Router to display the list of
14.
virtual routers on the device. Double-click the trust-vr route to open the vr for editing.
In the virtual router dialog box, click Routing Table, then click the Add icon under
15.
destination-based Routing Table to add a new static route.
Copyright © 2010, Juniper Networks, Inc.