Screen OS

Hi juniper heads,

I'd like to link my home connection up to a smallish juniper/netscreen VPN network (7 locations with about  120 or so routes carried in ospf). I'm looking to purchase a small SOHO juniper box (5GT or similar), but it's not clear from the documentation i can find which versions support OSPF based vpn's. Basic Requirements:

- 3 IPSEC VPN sessions

- 15 or so rules

- OSPF vpn sessions (ospf over tunnel interfaces within vpn)

-  only need one trust port, one untrust port (though more won't hurt)

So what's the smallest/cheapest box that can do all that? 

Thanks for any help you can provide! 

Hi

All platforms support OSPF. The question is probably how many LSAs you need to have.

Check out the data sheet here:

http://www.juniper.net/us/en/local/pdf/datasheets/1000176-en.pdf

The smallest which is SSG5 supports 3 instances of OSPF, 1024 OSPF routes.

Also remember if you want to implement OSPF to use numbered interfaces for the tunnel interface (eg configure an ip address on the tunnel interface).

Hey WL, thanks for the note. The SSG5 is a perfect option, though its probably out of my league price-wise. I was looking at an older 5-GT, but the datasheet for that is not clear about how many ospf lsa's it can support:

http://chn.netsecuretech.com/pdf/5GTdatasheet.pdf

IT says it can do 3 ospf instances and 1024 static routes, but its not clear how many ospf routes it can handle.. (odd). Any ideas?

Thanks again!