Create point to point VPN connection

I need to create a site to site VPN connection to carry email traffic between a satellite office to the main office using Juniper SSG5 firewall.  There are a couple of things that I want to achieve:
The public address of the satellite office Juniper is 12.2.x.x. // the LAN address is
The public address of the main office Juniper is 130.182.x.x
Things I want to achieve:
1)  Create a login script at the domain controller that would run at login and would create a route on the workstation directing any traffic for email to the
2)  Create a constant always on connection between the 2 firewalls.  
Any suggestions to achieve this easily would be greatly appreciated.
Who is Participating?
tismetooConnect With a Mentor Commented:
Two aspects:
The route can be dealt with in 2 ways. Personally I woiudl put the route on the default gateway, which is presumably the Netscreen anyway. The other option is to use the "route add" command with the -p switch to make it permanent so you don't have to use the login script.
The always on connection on the Netscreen can be acheived with the "VPN Monitor" setting on the Autokey IKE portion of the VPN config.
Personally I would configure a route based VPN, with these rough steps:

Define tunnel interface
Define routes
Configure Phase 1 settings ( vpn gateway )
Configure Phase 2 settings ( Autokey IKE )
Define address objects for each site
Configure policies.

Good documentation and examples are available from Juniper:
The Juniper site has docs
KB8533  is a good start

Their site has issues some time accessing the KB DB though.

I hope this helps !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.