When configure remote VPN on SRX, I see we need to type preshared-key parametter. But when configure on Junos Pulse (VPN Client for Juniper), I don't see any place to type preshared-key. So some one can explain for me what the role of preshared-key on VPN remote? Or in Juniper VPN remote Access, we don't need preshared-key?
Do you know why is not used? For me its too weak this access method.
The Pulse / Dynamic VPN works a little differently than a site-to-site VPN.
With the Dynamic VPN, the pre-shared key is used, however the Pulse client does not need to be configured with it. The Pulse client will authenticate the user first by using username/password credentials (over HTTPS) and there must be an access profile configured and tied with the dynamic VPN. Once the initial authentication passes, the configuration (including the IKE Phase 1 pre-shared key) is automatically downloaded to the client, and the authentication continues from there.
--- If this solves your problem, please mark this post as "Accepted Solution." Kudos are always appreciated.
Re: Asking about Preshared-key on VPN Remote Access
This document should be linked on all our Dynamic VPN pages as the explanation of how it functions helped me more than most of the official docs to get my service working on SRX300 running 15.1X49-D70.3. I've submitted a request to our documentation team for exactly that.