Configuring Phase 1 Proposals for Dial Up VPN Users
| Knowledge Base ID: | KB4115 |
| Version: | 5.0 |
| Published: | 07 Oct 2008 |
| Updated: | 07 Oct 2008 |
| Categories: |
 Firewall/IPSec_VPN IPSec ScreenOS |
Configuring Phase 1 Proposals for Dial Up VPN Users
Solution:To configure a phase 1 proposal for dial up VPN users, perform the following steps:
Open the WebUI. For more information on accessing the WebUI, go to Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI 
From the Juniper firewall menu, click VPNs, select AutoKey Advanced, and then click Gateway.
From the Gateway Name text box, enter a gateway name.
For this example, we entered vpngateway1.
From Security Level, click to select Custom.
From Remote Gateway Type, click to select Dialup User, and then from the User drop-down menu, click to select your IKE username. For more information on configuring a dial up VPN user, go to Configuring a Dial Up VPN User. For this example, we selected vpnuser.
In the Preshared Key text box, enter a Preshared Key, and then click Advanced.
From the Phase 1 Proposal drop-down menu, click to select a phase 1 proposal. Your Juniper firewall supports up to four proposals for Phase 1 negotiations, allowing you to define how restrictive a range of security parameters for key negotiation you will accept. For this example, we selected pre-g1-des-sha.
Click Return.
From the Edit page, click OK.
Troubleshooting
