SRX Services Gateway
SRX Services Gateway

Dynamic Vpn

03.23.11   |  
‎03-23-2011 03:42 AM

I have tried to configure Dynamic Vpn on Srx210.

 

I used http://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/dynamic-vpn-appnote-junos10.4-v2...

 

this article but it did not work. When I commit check

 

[edit security ipsec]
  'policy ipsec-dyn-vpn-policy'
    Missing proposals for IPSec policy ipsec-dyn-vpn-policy for ipsec_vpn dyn-vpn
configuration check succeeds

 

I corrected the proposals but this time I recieved another commit check failure.

 

Can anyone paste working config for JUNOS Software Release [10.2R3.10] ?

 

I won't use radius server. Local authentication will happen.

 

JUNOS Software Release [10.2R3.10] don't have wizard.

MCP - MCSA+S - MCSE+S
MCTS: Vista
1 REPLY
Highlighted
SRX Services Gateway

Re: Dynamic Vpn

03.23.11   |  
‎03-23-2011 11:41 PM
That app note refers to dynamic VPN with Junos 10.4. There were some important new functionality added in 10.4 with regards to dynamic VPN. So not everything there will work with 10.2R3. There is a different app note for pre-10.4 releases. However given that you do not plan to use Radius, I would seriously consider upgrading to 10.4R3 to get local IP pool capability for xauth. With 10.3 and earlier, IP assignment must be via Radius. Once upgraded then give the app note you are using a try. It should work if you follow all the steps with 10.4R3.

-Richard