I want to create VPN between 5 Sites Brachs to connect to Datacenter. Which kind of VPN I should use?
With topo above: what I have to do?
-1. Because IP between SRX and Modem is private IP, i can't using it to create connection --> So I have using NAT to IP Public on Modem, Can you guide to me the command to configure it and on VPN configuration.
- 2. My SRX-345 and SRX-320 are version: 15.1X49-D45. Is it ok for create VPN.
Site-to-site VPNs does not require licenses on your device. Only endpoint client VPN and enhanced security features like Anti-virus, url-filtering and similar. There are two endpoint VPN client licenses included but support for this was first added from 15.1X49-D80. That's why you don't see them on your current version.
With your current requirements I would personally go for a route-based VPN as this tends to be a more simple setup.
Also note that when the remote side has a dynmaic ip address you will need to use the aggressive mode vpn for these connections. And the remote side will need to be initiator of traffic. You will see the examples of these in the vpn collection as well.
Steve Puluka BSEET - Juniper Ambassador IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP) http://puluka.com/home