Wednesday, October 26, 2011

SRX or J Series: How to configure a dynamic VPN - Part 1


This example shows how to configure a dynamic VPN on a Juniper Networks device to provide VPN access to remote
clients.

Requirements

Before you begin:

1. Configure network interfaces on the device.
2. Create security zones and assign interfaces to them.
3. If there will be more than two simultaneous user connections, install a Dynamic VPN license in the device.

Overview

A common deployment scenario for dynamic VPN is to provide VPN access to remote clients that are connected through a public network such as the Internet. A public IP address is assigned to one of the gateway's interfaces; this interface is normally part of the untrust zone. Remote clients can access the VPN through a Web portal and, after being authenticated, can download and install the VPN client software. After the client software is installed, the remote user can access the VPN by either logging in to the Web portal or by launching the client directly. In either case, the remote client authenticates with the SRX Series device and downloads the latest configuration available.

The following figure illustrates this deployment topology. The ge-0/0/15.0 interface on the SRX Series device is the termination point for the dynamic VPN tunnel. Remote clients in the untrust zone access the ge-0/0/15.0 interface through an HTTP or HTTPS connection.

Figure: Dynamic VPN Deployment Topology
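The interface and zone prerequisites for this topology could look like the following set commands. This is an added example, not configuration from the original post: the addresses and the internal interface ge-0/0/0.0 are constructed placeholders. It assumes the portal is exposed over HTTPS only and that the untrust interface accepts nothing but IKE and HTTPS as host-inbound traffic.

```junos
# Added example; addresses and ge-0/0/0.0 are constructed placeholders.

# Requirement 1: network interfaces
# Public-facing interface that terminates the dynamic VPN tunnel
set interfaces ge-0/0/15 unit 0 family inet address 203.0.113.1/24
# Internal interface toward the protected network (hypothetical)
set interfaces ge-0/0/0 unit 0 family inet address 10.0.1.1/24

# Requirement 2: security zones
set security zones security-zone trust interfaces ge-0/0/0.0
# On the untrust interface, allow only what the dynamic VPN needs:
# IKE for tunnel negotiation and HTTPS for the Web portal.
set security zones security-zone untrust interfaces ge-0/0/15.0 host-inbound-traffic system-services ike
set security zones security-zone untrust interfaces ge-0/0/15.0 host-inbound-traffic system-services https

# Serve the Web portal on the public interface over HTTPS.
# Plain HTTP is deliberately not enabled on ge-0/0/15.0, so portal
# credentials are never sent in cleartext across the public network.
set system services web-management https system-generated-certificate
set system services web-management https interface ge-0/0/15.0
```

After committing, `show security zones security-zone untrust` lists the services the untrust interface accepts, which should be limited to the two entries above.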

1 comment:

  1. Thanks for sharing this great configuration about Dynamic VPN. I shared this info with all my Facebook and Twitter friends because this info helps everyone.