Configuring the L2TP VPN Tunnel on the Juniper Firewall

This article applies to ScreenOS 5.0 and above.

To configure the L2TP VPN tunnel on the Juniper Firewall, perform the following steps:

Open the WebUI. For an example of how to access the WebUI, consult: KB4060 - Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI

  From the ScreenOS options menu, click VPNs, select L2TP, and then click Tunnel.

Click New.

From the Tunnel screen, enter a Name.

For this example, we entered sales_corp.

From the Authentication Server drop-down menu, select Local.

From the Outgoing Interface drop-down menu, select your external interface from which your L2TP client will be connecting.

For this example, we chose ethernet3. The Outgoing Interface could be either ethernet3 or untrust depending on your Firewall device model.

For Peer IP, enter 0.0.0.0.

Host Name and Secret are optional, and are used with a Radius server. Host Name is the name of the computer acting as the L2TP access concentrator (LAC). Secret is a secret shared between the LAC and the L2TP network server (LNS).

From Keep Alive, enter a value.

For this example, we have entered 60 (the default). The Keep Alive value is the number of seconds of inactivity before the Juniper Firewall device sends an L2TP hello signal to the LAC.

Click OK.

Troubleshooting