Author Topic: Howto: Easy route-based VPN configuration  (Read 72090 times)

signal15

  • Administrator
  • Hero Member
  • *****
  • Posts: 530
  • Karma: +1/-0
    • View Profile
    • JuniperForum.com
Re: Howto: Easy route-based VPN configuration
« Reply #40 on: December 07, 2011, 10:50:04 am »
Hi,
I am a Cisco guy, and now new to Juniper SSG5 and SSG140; want to know if the following situations work:

1. Two sites :
    One site with Juniper SSG5 connecting to two ISP links, so WAN link failover is configured.
    The other site with Juniper SSG140 connecting also two other ISP links, so WAN link failover is configured.
2. Want to set up two VPN links ( they can back up each other ), that is totally four VPN configurations (2 WAN Links x 2 WAN links = 4 VPN links )

Are the VPN links are working ( failover architecture only ) ?

This should work.  The way I would set it up would be to have both VPN links (set them up as route-based) active at one time, but then use route metrics to make one the primary.

praveenreddy

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Howto: Easy route-based VPN configuration
« Reply #41 on: August 10, 2012, 06:47:15 am »
heheheeeeeeeee noting

laylhlim

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Howto: Easy route-based VPN configuration
« Reply #42 on: December 03, 2012, 08:46:05 am »
I found that if I bind the VPN to the tunnel interface, the VPN tunnel won't go up.
Does the other side need to create tunnel interface and bind vpn to tunnel interface also?
What happen if the other side is not using Juniper firewall.

If I remove binding of the tunnel interface, VPN tunnel will go up but I can't do MIP or destination NAT.

Any help will be much appreciated.

fcastro

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Howto: Easy route-based VPN configuration
« Reply #43 on: April 29, 2013, 05:04:22 am »
Hi, I am very new in using Juniper and we have SSG 20 in our office.

Do you have the procedure in setting up a dial-up VPN using Windows XP and Windows 7 native VPN client (no NetScreen-Remote) without using Certificates?

Thanks a lot.