<div>
Thanks for your help. &nbsp;Knowing it can be done is half the battle.
</div>


Thanks for your help.  Knowing it can be done is half the battle.

<div>
<div class="content wysiwyg-content">
I have several Juniper SSG5 units and I am trying to connect them via VPN. &nbsp;However, the untrusted LAN subnet for each unit is the same as they are all intra-site units. &nbsp;I have followed as many documents that I can find regarding a VPN setup, but I am missing something. &nbsp;Ultimately, I need the following setup. &nbsp;Device to SSG5 #1 Trusted Zone (port E0/2) on Subnet A (192.168.1.0). &nbsp;Device to SSG5 #2 Trusted Zone (port E0/2) on subnet B (192.168.2.0). &nbsp;Untrusted connection between SSG5 #1 and SSG5 #2 using port E0/0 on both units to use Subnet C (192.168.3.0). &nbsp;There will be no internet connection on this network, so that part is irrelevant in this situation. &nbsp;However, I do need the device connected to SSG #1 to be able to communicate with the device on SSG #2. &nbsp;I also need data encryption, so I do not believe that simply setting routes will suffice either. &nbsp;Please advise.<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/06_w26/662862/Juniper-SSG5.jpg" target="_blank" class="file-inline" title="Network Diagram (12 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Juniper-SSG5.jpg</a>
</div>
</div>


Juniper-SSG5.jpg

I have several Juniper SSG5 units and I am trying to connect them via VPN.  However, the untrusted LAN subnet for each unit is the same as they are all intra-site units.  I have followed as many documents that I can find regarding a VPN setup, but I am missing something.  Ultimately, I need the following setup.  Device to SSG5 #1 Trusted Zone (port E0/2) on Subnet A (192.168.1.0).  Device to SSG5 #2 Trusted Zone (port E0/2) on subnet B (192.168.2.0).  Untrusted connection between SSG5 #1 and SSG5 #2 using port E0/0 on both units to use Subnet C (192.168.3.0).  There will be no internet connection on this network, so that part is irrelevant in this situation.  However, I do need the device connected to SSG #1 to be able to communicate with the device on SSG #2.  I also need data encryption, so I do not believe that simply setting routes will suffice either.  Please advise.

Same Site VPN Juniper VPN

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.