Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Archive] Configure NetScreen-Remote VPN Client with pre-shared Keys

0

0

Article ID: KB22075 KB Last Updated: 07 Dec 2012Version: 2.0
Summary:

This article provides information on how to configure a NetScreen-Remote (Dial-Up VPN) Client with pre-shared Keys

For VPN setup on the firewall, refer to:

KB14878 - Configure ScreenOS Firewall for use with a VPN Client using Pre-shared Keys (ScreenOS 6.0 and later)

KB6233 - Configure NetScreen-Remote VPN Client with Pre-shared Keys (ScreenOS 5.x)

Symptoms:

Environment:

  • Dial Up VPN

  • NetScreen-Remote

  • Remote User

  • Need to get into the network from home

Cause:

Solution:
Launch the NetScreen-Remote Security Policy Editor.
  1. Create a new policy by clicking the New Connection icon located at the upper left corner. We'll call this new connection - Corporate.

  2. On Remote Party Identity and Addressing:

    1. ID Type: IP Subnet.

    2. Subnet: 172.16.10.0.

    3. Netmask: 255.255.255.0.

    4. Click Connect using Secure Gateway Tunnel.

    5. ID Type: IP Address: 1.1.1.1

  3. Expand the Corporate connection:

    1. Click Security Policy:

      1. Select Phase 1 Negotiation Mode: Aggressive

      2. Select Enable Perfect Forward Secrecy (PFS)

      3. PFS Key Group: Diffie-Hellman Group 2

      4. De-select "Enable Replay Detection"

    2. Click My Identity:

      1. Select Certificate: None

      2. ID Type: Email address: user1@netscreen.com

      3. Click Pre-Shared Key

              Click Enter Key

        • Enter the Pre-shared key netscreen.

        • Click Ok.

    3. Expand Security Policy:

      1. Expand Authentication (Phase 1)

        Select Proposal 1

        • Encryption Alg: Triple DES

        • Hash Alg: MD5

        • SA Life: Unspecified

        • Key Group: Diffie-Hellman Group 2

      2. Expand Key Exchange (Phase 2)

        Select Proposal 1

        • Encrypt Alg. Triple DES

        • Hash Alg. MD5

        • Encapsulation: Tunnel

  4. Click Save.

Send traffic through the VPN tunnel to initiate the IKE negotiation and the VPN tunnel will be built.

For more information, refer to KB6464 - How do I install NetScreen Remote?

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search