Solved

Create point to point VPN connection

Posted on 2008-10-02
Last Modified: 2008-12-31
I need to create a site-to-site VPN connection to carry email traffic between a satellite office and the main office using a Juniper SSG5 firewall. There are a couple of things that I want to achieve:
The public address of the satellite office Juniper is 12.2.x.x. // the LAN address is 192.168.50.1
The public address of the main office Juniper is 130.182.x.x
Things I want to achieve:
1)  Create a login script at the domain controller that would run at login and would create a route on the workstation directing any traffic for email to 192.168.50.1
2)  Create a constant, always-on connection between the 2 firewalls.
Any suggestions to achieve this easily would be greatly appreciated.
Question by:LSugita
3 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 22627665
The Juniper site has docs.
KB8533 is a good start.

Their site sometimes has issues accessing the KB DB, though.

I hope this helps !
 
LVL 3

Accepted Solution

by:
tismetoo earned 500 total points
ID: 22650815
Two aspects:
The route can be dealt with in 2 ways. Personally I would put the route on the default gateway, which is presumably the Netscreen anyway. The other option is to use the "route add" command with the -p switch to make it permanent so you don't have to use the login script.
The always-on connection on the Netscreen can be achieved with the "VPN Monitor" setting on the Autokey IKE portion of the VPN config.
Personally I would configure a route based VPN, with these rough steps:

Define tunnel interface
Define routes
Configure Phase 1 settings ( vpn gateway )
Configure Phase 2 settings ( Autokey IKE )
Define address objects for each site
Configure policies.

Good documentation and examples are available from Juniper:
http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/index.html

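The six steps in the accepted solution, written out as a ScreenOS CLI sketch for the satellite-office SSG5. This is an added example, not part of the original answer or of Juniper's documentation; the interface name, the /24 LAN mask, the object names, and the angle-bracket placeholders are assumptions.

```screenos
# Added example for the satellite-office SSG5 only; the main office needs the mirror image.
# Assumptions: ethernet0/0 is the public (Untrust) interface and the LAN is 192.168.50.0/24.
# <MAIN_LAN_SUBNET/MASK> and <PRESHARED_KEY> are placeholders; 130.182.x.x is elided as on the page.

# 1. Define tunnel interface (unnumbered, borrowing the public interface's address)
set interface tunnel.1 zone Untrust
set interface tunnel.1 ip unnumbered interface ethernet0/0

# 2. Define routes: send main-office traffic into the tunnel
set route <MAIN_LAN_SUBNET/MASK> interface tunnel.1

# 3. Phase 1 (VPN gateway); the proposal set must match on both firewalls
set ike gateway "gw-main" address 130.182.x.x main outgoing-interface ethernet0/0 preshare "<PRESHARED_KEY>" sec-level standard

# 4. Phase 2 (Autokey IKE), bound to the tunnel interface
set vpn "vpn-main" gateway "gw-main" sec-level standard
set vpn "vpn-main" bind interface tunnel.1
# VPN Monitor with rekey keeps the tunnel up without waiting for user traffic
set vpn "vpn-main" monitor rekey

# 5. Address objects for each site
set address Trust "satellite-lan" 192.168.50.0/24
set address Untrust "main-lan" <MAIN_LAN_SUBNET/MASK>

# 6. Policies: permit only mail between the sites (MAIL is the predefined SMTP service;
#    substitute the service the mail system actually uses)
set policy from Trust to Untrust "satellite-lan" "main-lan" MAIL permit
set policy from Untrust to Trust "main-lan" "satellite-lan" MAIL permit
```

Lines beginning with `#` are annotations and should be dropped before pasting into the CLI. Because the route lives on the firewall, which is the workstations' default gateway, no login script or per-workstation route is needed.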