Hi,

as far i know, AC-VPN is not currently available on SRX.

i think it`s on the roadmap.

Please correct me , if i`m wrong.

Regards

If you're talking about a site to site vpn, you just need to set "establish-tunnels immediately" under security/ipsec/vpn <vpn name>

AC-VPN is not available on SRX devices currently.

Hii All,

Thanks for your response. Juniper should come up with ACVPN on SRX at the earliest..

Thanks,

Suez

Suez,

take a look at Group VPN. It's Juniper's implementation of GDOI, interoperable with Cisco's GetVPN implementation. SonicWall has a Group VPN implementation, too, though I don't know that it's been tested for interop.

I think a standards-based approach like GroupVPN is much better than a proprietary approach like AC VPN.

For Group VPN, use JunOS 10.2r3 or better (10.3r2, 10.4rx), and remember that Group VPN is not supported in chassis clusters as of 10.2/10.3.

Hi Tbehrens,

I found few documents on the juniper site regarding Group VPN, i couldn't find the proper steps which described how to configure step by steps procedure.

Please, if you could share any link towards the same, it wil be a great help.

Thanks,

Suez

Maybe this configuration example is helpful, though it is specific to server-member colocation:

https://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-...

 Beyond that, there are a lot of individual Group VPN topics on the overview, server/member, phase 1 and phase 2, and a run-down of the steps needed to configure Group VPN:

http://www.juniper.tw/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-se...

http://www.juniper.tw/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-se...

Thanks for your help

How about HA? Does it support HA with Group VPN. I read introduction to GROUP VPN at it says working in STANDALONE mode.