[ScreenOS] Juniper firewall LAN-to-LAN policy based VPN articles

  [KB8534] Show Article Properties


Summary:
The articles listed below will help you get started with configuring your Juniper firewall for a Policy Based LAN-to-LAN VPN (for information on policy based VPNs vs Route-Based VPNs, refer to KB4124 - What is the difference between a Policy-based VPN and a Route-based VPN?)
Symptoms:

Cause:

Solution:

Policy Based LAN-to-LAN VPN

Common Configurations

KB15074 (ScreenOS 6.x)

Policy-based VPN - Both Sides have Static IPs using Pre-shared Keys
KB6210 (ScreenOS 5.x)

KB15076 (ScreenOS 6.x) Policy-based VPN - One Side has a Dynamic IP using Pre-shared Keys
KB6332 (ScreenOS 5.x)


Note:Configuration Examples in Technical Documentation

ScreenOS  Concepts & Examples ScreenOS Reference Guide, Volume 5:  Virtual Private Networks

Chapter 4 -- Site-to-Site Virtual Private Networks

“Policy-Based Site-to-Site VPN, AutoKey IKE”  Example
“Policy-Based Site-to-Site VPN, Dynamic Peer Example
“Policy-Based Site-to-Site VPN, Manual Key”  Example
 “Transparent Mode VPN” Example

ScreenOS 6.3: https://www.juniper.net/techpubs/software/screenos/screenos6.3.0/630_ce_VPN.pdf
ScreenOS 6.2: http://www.juniper.net/techpubs/software/screenos/screenos6.2.0/ce_v5.pdf
ScreenOS 6.1: http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v5.pdf
ScreenOS 5.4: http://www.juniper.net/techpubs/software/screenos/screenos5.4.0/CE_v5.pdf 


Specific Configurations

KB3927 (ScreenOS 5.x) [Archive] Configure Policy Based Hub and Spoke Virtual Private Network (VPN)
KB5822 (ScreenOS 5.x) LAN to LAN VPN between two Juniper firewalls in Transparent mode


Authentication

KB4185 - [Archive] [ScreenOS] Configuring a Juniper Firewall LAN to LAN VPN with XAuth

(ScreenOS 5.x with Screenshots)

KB6699 - How to: Create a LAN to LAN VPN using the Juniper Firewall as an XAuth Client

(ScreenOS 5.x).


Configuring a Policy-based VPN between a Juniper firewall and another Juniper or 3rd party device


KB10182 Application Notes for J Series and SRX Series devices
KB10951 Configuring a Lan-to-Lan VPN with SSG5 and Check Point Appliance Safe@Office 500
KB5546 Is there a Macintosh Virtual Private Network (VPN) client available?
Related Links: