SRX Services Gateway
Highlighted
SRX Services Gateway

Asking about Preshared-key on VPN Remote Access

‎06-04-2013 03:01 AM

Hi.

 

When configure remote VPN on SRX, I see we need to type preshared-key parametter. But when configure on Junos Pulse (VPN Client for Juniper), I don't see any place to type preshared-key. So some one can explain for me what the role of preshared-key on VPN remote? Or in Juniper VPN remote Access, we don't need preshared-key?

5 REPLIES 5
Highlighted
SRX Services Gateway

Re: Asking about Preshared-key on VPN Remote Access

‎06-04-2013 11:15 AM

Pulse is used with the Dynamic VPN functionality of the SRX -- not the site-to-site VPN.

 

As such, the configuration is a bit different.

 

KB17641 is a good place to start, from there it can take you through Pulse configuration and also configuring the Dynamic VPN on the SRX.

-kr


---
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.
Highlighted
SRX Services Gateway

Re: Asking about Preshared-key on VPN Remote Access

‎10-15-2013 09:39 PM
Hello,

Do you know why is not used? For me its too weak this access method.
Highlighted
SRX Services Gateway
Solution
Accepted by topic author hoand
‎08-26-2015 01:27 AM

Re: Asking about Preshared-key on VPN Remote Access

‎10-16-2013 12:17 PM

@Layardtd wrote:

Do you know why is not used? For me its too weak this access method.

The Pulse / Dynamic VPN works a little differently than a site-to-site VPN.

 

With the Dynamic VPN, the pre-shared key is used, however the Pulse client does not need to be configured with it.  The Pulse client will authenticate the user first by using username/password credentials (over HTTPS) and there must be an access profile configured and tied with the dynamic VPN.  Once the initial authentication passes, the configuration (including the IKE Phase 1 pre-shared key) is automatically downloaded to the client, and the authentication continues from there.

 

-kr


---
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.
Highlighted
SRX Services Gateway

Re: Asking about Preshared-key on VPN Remote Access

‎03-18-2015 01:29 AM

Thanks so much.

Highlighted
SRX Services Gateway

Re: Asking about Preshared-key on VPN Remote Access

‎01-10-2017 07:54 AM

This document should be linked on all our Dynamic VPN pages as the explanation of how it functions helped me more than most of the official docs to get my service working on SRX300 running 15.1X49-D70.3. I've submitted a request to our documentation team for exactly that.

 

Thanks for the link!