SRX Services Gateway
Reply
Contributor
Nevermore
Posts: 68
Registered: ‎03-24-2008
0

Dynamic Vpn

I have tried to configure Dynamic Vpn on Srx210.

 

I used http://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/dynamic-vpn-appnote-junos10.4-v2...

 

this article but it did not work. When I commit check

 

[edit security ipsec]
  'policy ipsec-dyn-vpn-policy'
    Missing proposals for IPSec policy ipsec-dyn-vpn-policy for ipsec_vpn dyn-vpn
configuration check succeeds

 

I corrected the proposals but this time I recieved another commit check failure.

 

Can anyone paste working config for JUNOS Software Release [10.2R3.10] ?

 

I won't use radius server. Local authentication will happen.

 

JUNOS Software Release [10.2R3.10] don't have wizard.

MCP - MCSA+S - MCSE+S
MCTS: Vista
Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: Dynamic Vpn

That app note refers to dynamic VPN with Junos 10.4. There were some important new functionality added in 10.4 with regards to dynamic VPN. So not everything there will work with 10.2R3. There is a different app note for pre-10.4 releases. However given that you do not plan to use Radius, I would seriously consider upgrading to 10.4R3 to get local IP pool capability for xauth. With 10.3 and earlier, IP assignment must be via Radius. Once upgraded then give the app note you are using a try. It should work if you follow all the steps with 10.4R3.

-Richard
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.