The articles listed below will help you get started with configuring your Juniper firewall for a Policy Based LAN-to-LAN VPN. (For an explanation of Policy-Based VPNs vs Route-Based VPNs, refer to KB4124.)
Juniper Firewall LAN-to-LAN Policy Based VPN articles
| Knowledge Base ID: | KB8534 |
| Version: | 7.0 |
| Published: | 26 Aug 2009 |
| Updated: | 26 Aug 2009 |
| Categories: |
 Firewall/IPSec_VPN IPSec ScreenOS |
Problem or Goal:
Policy Based LAN-to-LAN VPN
Common Configurations
KB15074 (ScreenOS 6.x) | Policy-based VPN - Both Sides have Static IPs using Pre-shared Keys |
| KB6210 (ScreenOS 5.x) |
| KB15076 (ScreenOS 6.x) | Policy-based VPN - One Side has a Dynamic IP using Pre-shared Keys |
| KB6332 (ScreenOS 5.x) |
Configuration Examples in Technical DocumentationScreenOS Concepts & Examples ScreenOS Reference Guide, Volume 5: Virtual Private Networks ScreenOS 6.1: http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v5.pdf ScreenOS 5.4: http://www.juniper.net/techpubs/software/screenos/screenos5.4.0/CE_v5.pdf |
Specific Configurations
| KB3927 (ScreenOS 5.x) | Configure custom zones with policy based hub and spoke VPN |
| KB5822 (ScreenOS 5.x) | LAN to LAN VPN between two NetScreens in transparent mode |
Authentication
KB4185 (ScreenOS 5.x | Configuring a LAN to LAN VPN with XAuth |
| KB6699 (ScreenOS 5.x) |
Configuration
