KB Home KB Home Back to all Knowledge Base Browse Knowledge Base Categories Printer Friendly Version Printer Friendly

Configuring a Policy for Site A
Knowledge Base ID: KB4137
Version: 4.0
Published: 07 Oct 2008
Updated: 07 Oct 2008
Categories: . Firewall/IPSec_VPN
. IPSec
. ScreenOS

Synopsis:
Configuring a Policy for Site A

Solution:

To configure a policy for site A, perform the following steps:

Step one: Open the WebUI. For more information on accessing the WebUI, go to Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI

Step two: From the Juniper firewall menu, click Policies.

Image of step two

Step three: From the Policies page, in the From drop-down menu, click to select Trust, and in the To drop-down menu, click to select Untrust.

Image of step three and four

Step four: Click New.

Step five: From Source Address, in the New Address text box, enter site A's trust IP address/netmask.

Note: In this example, we entered 10.1.1.0 / 255.255.255.0.

Image of step five and six

Step six: From Destination Address, in the New Address text box, enter site B's trust IP address/netmask.

Note: In this example, we entered 172.16.10.0 / 255.255.255.0.

Step seven: From the Action drop-down menu, click to select Tunnel.

Image of step seven and eight

Step eight: From the Tunnel drop-down menu, click to choose the VPN tunnel.

Note: For this example, we selected Site B VPN.

Step nine: Click to select Modify matching bidirectional VPN policy.

Image of step nine and ten

Step ten: Click to select Position at Top.

Step eleven: Click OK.

Image of step eleven

Purpose:
Troubleshooting

ASK THE KB
Question or KB ID:



RELATED TOPICS