Knowledge Search


×
 

Configuring the NetScreen Device to Force all Dial-Up VPN Traffic Through the Device Before Going to the Internet

  [KB4396] Show Article Properties


Summary:
Configuring the NetScreen Device to Force all Dial-Up VPN Traffic Through the Device Before Going to the Internet
Symptoms:

Solution:

This article shows how to:

  • Create a tunnel interface for the route-based VPN
  • Create an IP pool
  • Create a new XAuth user
  • Create a new IKE ID user

 

To configure the NetScreen device side to force all dial-up VPN traffic through the NetScreen, perform the following steps:

Open the WebUI. For more information on accessing the WebUI, go to Accessing Your NetScreen Using the WebUI.

From the NetScreen options menu, click Network, and then click Interfaces.

Image of step two


Click New.

Image of step three


From the Tunnel Interface Name text box, enter a tunnel name.

note For this example, we have entered 1.

Image of step four and five

From the Zone drop-down menu, click to choose a Zone.

noteFor this example, we have selected Trust (trust-vr).

Click to select Unnumbered, then from the Interface drop-down menu, click to choose an Interface.

note For this example, we have selected trust (trust-vr).

Image of step six and seven

Click OK.

From the NetScreen options menu, click Objects, and then click IP Pools.

Image of step eight


Click New.

Image of step nine


From the Edit screen, enter an IP Pool Name, Start IP, and End IP.

note For this example, we have entered an IP Pool Name of XAuth Pool, a Start IP of 11.11.11.11, and an End IP of 11.11.11.20.

 note You must enter an IP Pool that is different from any other assigned address on the NetScreen device.

Image of step ten and eleven

Click OK.

From the NetScreen options menu, click Objects, select Users, and then click Local.

Image of step twelve


Click New.

Image of step thirteen


From Auth/IKE/L2TP/XAuth User, enter a User Name.

Image of step fourteen and fifteen

Click to select Enable.

Click to select XAuth User, enter a User Password, and then Confirm Password.

Image of step sixteen and seventeen

In the IP Pool drop-down menu, click to select XAuth Pool.

Click OK.

Image of step eighteen


From the NetScreen options menu, click Objects, select Users, and then click Local.

Image of step nineteen


Click New.

Image of step twenty


From Auth/IKE/L2TP/XAuth User, enter a User Name.

Image of step twenty-one and twenty-two

Click to select Enable.

Click to select IKE User, and then click to select Simple Identity.

Image of step twenty-three and twenty-four

From the IKE Identity text box, enter an IKE Identity.

Click OK.

Image of step twenty-five


To further configure the NetScreen device side, go to Configuring the NetScreen Device to Force all Dial-Up VPN Traffic Through the Device Before Going to the Internet (continued).

Related Links: