SRX Services Gateway
SRX Services Gateway

Remote access VPN clients on RIs

‎05-01-2017 09:21 PM

SRX.jpg

 

According to the above diagram, RA VPN client A has to access his resources on 10.2.3/24 A location. Like wise B has to access his resources on 10.2.3/24 B location.

 

A and B are two different companies. We can achive our goal if we can bind RA VPN clients on seperate RIs based on the ike pre-shared key.

 

Kindle share expert knowledge to solve this problem.

1 REPLY 1
SRX Services Gateway
Solution
Accepted by topic author Smartm
‎06-07-2017 12:02 AM

Re: Remote access VPN clients on RIs

‎06-07-2017 12:02 AM

Hi All,

 

 

We have done this using route based vpn. We have used multipoint interface as anchor point.

 

IFL

 

st0 {
    unit 0 {
        multipoint;
        family inet {
            address 10.5.5.129/25;
        }
    }
    unit 1 {                            
        multipoint;
        family inet {
            address 10.6.6.129/25;
        }
    }
}

 

RI

FIVE {

    instance-type virtual-router;
    interface st0.0;
    interface vlan.258;
}
SIX {
    instance-type virtual-router;
    interface st0.1;
    interface vlan.259;
}