Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Archive] Configuring the L2TP VPN Tunnel on the Juniper Firewall

0

0

Article ID: KB4107 KB Last Updated: 30 Jul 2013Version: 7.0
Summary:
Configuring the L2TP VPN Tunnel on the Juniper Firewall
Symptoms:

Cause:

Solution:

Note: This article applies to ScreenOS 5.0 and above.

To configure the L2TP VPN tunnel on the Juniper Firewall, perform the following steps:

(or jump to CLI commands below)

Step one: Open the WebUI. For an example of how to access the WebUI, consult: KB4060 - Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI 

Step two: From the ScreenOS options menu, click VPNs, select L2TP, and then click Tunnel.

Image of step two

Step three: Click New.

Image of step three

Step four: From the Tunnel screen, enter a Name.

Note: For this example, we entered sales_corp.

Image of step four and five

Step five: From the Authentication Server drop-down menu, select Local.

Step six: From the Outgoing Interface drop-down menu, select your external interface from which your L2TP client will be connecting.

Note: For this example, we chose ethernet3. The Outgoing Interface could be either ethernet3 or untrust depending on your Firewall device model.

Image of step six and seven

Step seven: For Peer IP, enter 0.0.0.0.

Note:Host Name and Secret are optional, and are used with a Radius server. Host Name is the name of the computer acting as the L2TP access concentrator (LAC). Secret is a secret shared between the LAC and the L2TP network server (LNS).

Image of step eight and note

Step eight: From Keep Alive, enter a value.

Note: For this example, we have entered 60 (the default). The Keep Alive value is the number of seconds of inactivity before the Juniper Firewall device sends an L2TP hello signal to the LAC.

Step nine: Click OK.

Image of step nine


CLI

The following CLI commands represent the WebUI steps described above:

set l2tp "sales_corp" outgoing-interface ethernet3 keepalive 60
set l2tp "sales_corp" auth server "Local"

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search