hi,
thx for the links.
i did get so far:
set access profile dyn-vpn-access-profile client client1 firewall-user password xx
set access profile dyn-vpn-access-profile client client2 firewall-user password xx
set access profile dyn-vpn-access-profile address-assignment pool dyn-vpn-address-pool
set access address-assignment pool dyn-vpn-address-pool family inet network 10.10.10.0/24
set access address-assignment pool dyn-vpn-address-pool family inet xauth-attributes primary-dns 8.8.8.8/32
set access firewall-authentication web-authentication default-profile dyn-vpn-access-profile
set security ike policy ike-dyn-vpn-policy mode aggressive
set security ike policy ike-dyn-vpn-policy proposal-set standard
set security ike policy ike-dyn-vpn-policy pre-shared-key ascii-text xxxXXXxxx
set security ike gateway dyn-vpn-local-gw ike-policy ike-dyn-vpn-policy
set security ike gateway dyn-vpn-local-gw dynamic hostname dynvpn
set security ike gateway dyn-vpn-local-gw dynamic connections-limit 10
set security ike gateway dyn-vpn-local-gw dynamic ike-user-type group-ike-id
set security ike gateway dyn-vpn-local-gw external-interface ge-0/0/0.0
set security ike gateway dyn-vpn-local-gw xauth access-profile dyn-vpn-access-profile
set security ipsec policy ipsec-dyn-vpn-policy proposal-set standard
set security ipsec vpn dyn-vpn ike gateway dyn-vpn-local-gw
set security ipsec vpn dyn-vpn ike ipsec-policy ipsec-dyn-vpn-policy
set security policies from-zone UNTRUST to-zone TRUST policy dyn-vpn-policy match source-address any
set security policies from-zone UNTRUST to-zone TRUST policy dyn-vpn-policy match destination-address any
set security policies from-zone UNTRUST to-zone TRUST policy dyn-vpn-policy match application any
set security policies from-zone UNTRUST to-zone TRUST policy dyn-vpn-policy then permit tunnel ipsec-vpn dyn-vpn
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ike
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security dynamic-vpn access-profile dyn-vpn-access-profile
set security dynamic-vpn clients all remote-protected-resources 192.168.1.0/24
set security dynamic-vpn clients all remote-exceptions 0.0.0.0/0
set security dynamic-vpn clients all ipsec-vpn dyn-vpn
set security dynamic-vpn clients all user client1
set security dynamic-vpn clients all user client2
After did, i tried with junos pulse to connect, it asks me verytime for user and pass, but it does not connect.
and after verifying the steps as in the link for configuring the VPN
http://www.juniper.net/techpubs/en_US/junos12.1x47/topics/example/vpn-security-dynamic-example-configuring.html
serdar@SRX210> show security ike security-associations --> EMPTY
serdar@SRX210> show security ike active-peer
Remote Address Port Peer IKE-ID XAUTH username Assigned IP
145.94.172.128 59477 client2dynvpn --> this is the IP where im at remote location!!!!!
145.94.172.128 64357 not available client1
serdar@SRX210> show security ipsec security-associations
Total active tunnels: 0
serdar@SRX210>
so what im missing? i also tried with the iphone.... but it says it fails to connect with the server