Hello Everyone,
I have succesfully configured a Dynamic VPN in my SRX 550 but I have some questions I want to ask.
This is supposed to be an IPSec Dynamic VPN so why when we authenticate against the SRX we do not use the IKE Preshared Key? I mean I only have to enter the XAUTH user and password information but never the preshared key.
So how does that work? Where is the device authentication in phase 1 in here?
And the last question goes as follows, Is it possible to have more than 1 user having different IP address assignments? I believe the answer is no as I have tried but the config never works as you can only have one access profile for firewall authentication and XAUTH authentication AND you can only have one IP Subnet per access profile.
am I right?
Regards
Jcarvaja
CCIE,2-CCNP, JNCIS-SEC