## Config-mode transcript from r2 (Junos-style syntax): web management,
## IKE/IPsec and dynamic VPN, NAT proxy-ARP, security policies and zones,
## and the access profile and address pool used for XAuth.
## Both secrets appear as a run of x's, presumably redacted by the poster.
r2# show system services web-management
## NOTE(review): plain HTTP management is enabled on vlan.0 (placed in zone
## trust by the zones stanza below); logins over HTTP are not encrypted.
http {
    interface vlan.0;
}
## HTTPS uses the self-signed system-generated certificate and is bound to
## vlan.0 only, while fe-0/0/0.0 in zone untrust permits https host-inbound
## traffic -- TODO confirm which interfaces are meant to serve HTTPS.
https {
    system-generated-certificate;
    interface vlan.0;
}
r2# show security
ike {
    ## NOTE(review): debug tracing is enabled, including `flag all`, which
    ## presumably makes the two specific flags redundant. The trace file is
    ## capped at 1m. Tracing like this is normally removed once
    ## troubleshooting is finished.
    traceoptions {
        file size 1m;
        flag ike;
        flag next-hop-tunnels;
        flag all;
    }
    ## Phase-1 policy: aggressive mode authenticated with a pre-shared key.
    ## NOTE(review): aggressive mode (an IKEv1 exchange) with a PSK exposes
    ## material that lets a weak key be guessed offline, so the key should be
    ## long and random, with XAuth carrying the per-user authentication.
    ## `proposal-set standard` is a predefined set; its algorithms are not
    ## listed here -- TODO check what it expands to on this release.
    ## When sharing a real config keep the key out of it: the $9$ form Junos
    ## normally prints is reversible, not a one-way hash.
    policy ike-dyn-vpn-policy {
        mode aggressive;
        proposal-set standard;
        pre-shared-key ascii-text "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
    }
    ## Gateway for dynamic peers: they identify with hostname "dynvpn" and
    ## share one IKE ID (group-ike-id), so presumably every user shares the
    ## PSK above; individual users are authenticated by XAuth against
    ## dyn-vpn-access-profile. connections-limit 2 matches the two-address
    ## range (192.168.0.242 to 192.168.0.243) of dyn-vpn-address-pool.
    gateway dyn-vpn-local-gw {
        ike-policy ike-dyn-vpn-policy;
        dynamic {
            hostname dynvpn;
            connections-limit 2;
            ike-user-type group-ike-id;
        }
        external-interface fe-0/0/0.0;
        xauth access-profile dyn-vpn-access-profile;
    }
}
ipsec {
    ## NOTE(review): IPsec tracing with `flag all` is also left on.
    traceoptions {
        flag all;
    }
    ## Phase-2 policy, again using the predefined "standard" proposal set.
    policy ipsec-dyn-vpn-policy {
        proposal-set standard;
    }
    ## Binds the VPN to the dynamic gateway and the phase-2 policy above.
    vpn dyn-vpn {
        ike {
            gateway dyn-vpn-local-gw;
            ipsec-policy ipsec-dyn-vpn-policy;
        }
    }
}
## Client-side settings for the dynamic VPN: one client group "all" with a
## single user, user1, using VPN dyn-vpn.
dynamic-vpn {
    access-profile dyn-vpn-access-profile;
    clients {
        all {
            ## Looks like split tunnelling: 192.168.0.0/24 is the protected
            ## resource and 0.0.0.0/0 is listed as an exception, so other
            ## client traffic presumably bypasses the tunnel -- TODO confirm
            ## this is intended.
            remote-protected-resources {
                192.168.0.0/24;
            }
            remote-exceptions {
                0.0.0.0/0;
            }
            ipsec-vpn dyn-vpn;
            user {
                user1;
            }
        }
    }
}
## The "..." is an elision in the paste; any other NAT configuration is not
## shown. Proxy-ARP on vlan.0 covers the same two addresses as the client
## pool range, which lies inside the 192.168.0.0/24 trust network.
nat {
    ...
    proxy-arp {
        interface vlan.0 {
            address {
                192.168.0.242/32 to 192.168.0.243/32;
            }
        }
    }
}
policies {
    ## Outbound: trust to untrust permits any source, destination and
    ## application.
    from-zone trust to-zone untrust {
        policy trust-to-untrust {
            match {
                source-address any;
                destination-address any;
                application any;
            }
            then {
                permit;
            }
        }
    }
    ## NOTE(review): tunnelled traffic from untrust is permitted to any
    ## destination on any application, and no log action is set. Consider
    ## matching the destination on the address-book entry
    ## net-cfgr_192-168-0-0--24, limiting applications to what VPN users
    ## need, and adding a log action so VPN sessions are recorded.
    from-zone untrust to-zone trust {
        policy dyn-vpn-policy {
            match {
                source-address any;
                destination-address any;
                application any;
            }
            then {
                permit {
                    tunnel {
                        ipsec-vpn dyn-vpn;
                    }
                }
            }
        }
    }
}
zones {
    ## Zone trust (vlan.0): the device accepts all system services and all
    ## protocols addressed to itself from this zone.
    security-zone trust {
        address-book {
            address net-cfgr_192-168-0-0--24 192.168.0.0/24;
        }
        host-inbound-traffic {
            system-services {
                all;
            }
            protocols {
                all;
            }
        }
        interfaces {
            vlan.0;
        }
    }
    ## Zone untrust (fe-0/0/0.0): screen untrust-screen is referenced but its
    ## definition is not part of this excerpt. The interface-level
    ## host-inbound-traffic list takes precedence over the zone-level one, so
    ## ssh, ike, ping and https are accepted on the external interface.
    ## NOTE(review): https is presumably there for the dynamic VPN client
    ## login -- confirm; ssh from untrust exposes the management plane and
    ## should be removed or source-restricted if not required.
    security-zone untrust {
        screen untrust-screen;
        host-inbound-traffic {
            system-services {
                ike;
            }
        }
        interfaces {
            fe-0/0/0.0 {
                host-inbound-traffic {
                    system-services {
                        ssh;
                        ike;
                        ping;
                        https;
                    }
                }
            }
        }
    }
}
r2# show access
## Access profile used for XAuth and web authentication: one locally defined
## user (user1), with client addresses taken from dyn-vpn-address-pool.
profile dyn-vpn-access-profile {
    client user1 {
        firewall-user {
            password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
        }
    }
    address-assignment {
        pool dyn-vpn-address-pool;
    }
}
## Client pool: two addresses (192.168.0.242 and 192.168.0.243) inside
## 192.168.0.0/24, with two DNS servers handed out as XAuth attributes.
address-assignment {
    pool dyn-vpn-address-pool {
        family inet {
            network 192.168.0.0/24;
            range dvpn-range {
                low 192.168.0.242;
                high 192.168.0.243;
            }
            xauth-attributes {
                primary-dns 192.168.0.5/32;
                secondary-dns 192.168.0.8/32;
            }
        }
    }
}
## Web authentication defaults to the same profile as the VPN users.
firewall-authentication {
    web-authentication {
        default-profile dyn-vpn-access-profile;
    }
}