How to create a VPN connection to 2 zones in Juniper SSG20?
Posted on 2009-04-28
We've finally setup a VPN connection from a remote location to the HQ. At the HQ, we're using Juniper SSG20, and it has several zones in it. But the ones we need help with is as follows:
1. Local Zone in Trust-vr (22.214.171.124)
2. DMZ in Untrust-VR (126.96.36.199)
3. Internet zone in Untrust-VR (static public IP)
So from the remote location, we've set a VPN to the Local Zone. It's working like a charm. But we needed users to access the DMZ zones too, if possible using the vpn and not directly from the internet.
So far we've learned that this can be done only using policy based routing. But we're using Routing based routing (???) since it was supposed to be safer. Is this true? Is there anything we can do about this?
The vpn we've setup is a site-to-site route based vpn.