Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Setting up a VPN Tunnel on a Juniper-NS5GT

Posted on 2009-04-22
5
Medium Priority
?
1,163 Views
Last Modified: 2012-06-27
I am not a networking professional (most of my work entials desktop support) and my networking knowledge does not extend much beyond my Comptia Net+ certification. I have been employed by a small company who aleady has a 20 Client LAN on MS SBS 2003. The owner has asked me to allow him to access his desktop machine from his home. I assume the best/easiest way to go about this is with a VPN tunnel. They have a Juniper NS5GT firewall/VPN device in place. I need some basic instruction on creating the VPN connection.
I'm a bit confused as I  only have expernince with VNC with basic routers and forwarded the appropraite ports.

I have search Junipers KB but the language is a little over my head... any help would be apprecaited.
0
Comment
Question by:dannyg280
  • 2
  • 2
5 Comments
 
LVL 18

Expert Comment

by:deimark
ID: 24206811
2 main ways to set up VPNs on a Juniper

Site to Site VPN -this is the most common usage and uses full IPSEC tunnels between 2 firewalls, this link provides more info:
http://kb.juniper.net/index?page=content&id=KB7739&actp=search&searchid=1240417961152

Remote access VPN - this is also called a dial up VPN, where a small client app is installed on a laptop/PC and then used to connect to a firewall to create a VPN tunnel between the client and the firewall.

http://kb.juniper.net/kb/documents/public/resolution_path/J_FW_VPN_Config_or_Trblsh.htm

Each of them will grant the access you need.

So, if the owner has a VPN enabled firewall at home, I would go for the site to site VPN and if he hasnt then go for the remote access (dial up VPN)
0
 
LVL 72

Expert Comment

by:Qlemo
ID: 24224088
A good (easy config) free VPN client is Shrew (www.shrew.net). Step-by-step configuration example for Juniper is available at that site, too.
0
 
LVL 18

Expert Comment

by:deimark
ID: 24224183
Nice link for the Shrew stuff.  Only ever used the NS Remote software before, so good to get something else to try.

DM
0
 

Author Comment

by:dannyg280
ID: 24244514
Sorry about the delay getting back to you guys. Shew looks awesome... one thing I'm not sure of in the documention... what is the "IKE Identity" when setting up a new user? Is it the Identity of the user with local access?
0
 
LVL 72

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 24246114
IKE identity is only used for finding the appropriate IKE (Phase 1) definition ("Autokey Advanced - Gateway"), with XAuth definition, Pre-Shared-Key or Certificate aso.

This is needed because a client cannot be assigned to a special Dial-In VPN definition without.

The IKE identity is not used further, by Windows, RADIUS or alike.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This program is used to assist in finding and resolving common problems with wireless connections.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question