About VPNs
With Network and Security Manager (NSM), you can use basic networking principles and
your Juniper Networks security devices to create VPNs that connect your headquarters
with your branch offices and your remote users with your protected networks.
NSM supports tunnel and transport modes for AutoKey IKE, Manual Key, L2TP, and
L2TP-over-AutoKey IKE VPNS in policy or route-based configurations. You can create
the VPN at the system-level or device-level:
•
System-Level VPN (VPN Manager)—Design a system level VPN and automatically set
up connections, tunnels, and rules for all devices in the VPN.
•
Device-Level VPN (Device Manager)—Manually configure VPN information for each
security device, then add VPN rules to a security policy to create a policy-based VPN
or configure routes on each security device to create a route-based VPNs.
NOTE:
Each VPN that a device belongs to reduces the maximum number of templates
by one. This includes VPNs configured in VPN Manager and VPNs configured at the
device-level. You can apply a maximum of 63 templates to a single device.
Creating System-Level VPNs with VPN Manager
For AutoKey IKE and L2TP VPNs, create the VPN at the system-level using VPN Manager.
VPN Manager supports:
•
AutoKey IKE VPNs—In policy-based or route-based modes. You can also create a
Mixed-Mode VPN to connect policy-based VPN members to route-based VPNs
members in a single VPN.
•
L2TP-over-AutoKey IKE RAS VPNs and L2TP RAS VPNs—Can connect and authenticate
multiple L2TP remote access services (RAS) users and protected resources with or
without encryption.
•
Reusable VPN Components—Create objects to represent your protected resources,
CA certificates and CRLs, custom IKE proposals, and NAT configurations, then use
these objects in multiple VPNs.
•
Compact and Expanded Views—Choose the Compact (default) or Expanded view to
create your VPN. Both views offer the same configuration options.
•
Autogenerated Tunnels—Create tunnel interfaces on each route-based VPNs member
automatically. Use the device tunnel summary to review all autogenerated tunnels in
the VPN.
•
Autogenerated VPN Rules—Create all VPN rules with a single click. NSM automatically
generates the rules between each policy-based VPN member. You can review these
Copyright © 2010, Juniper Networks, Inc.
544
Network and Security Manager Administration Guide
Содержание NETWORK AND SECURITY MANAGER 2010.3
Страница 6: ...Copyright 2010 Juniper Networks Inc vi...
Страница 36: ...Copyright 2010 Juniper Networks Inc xxxvi Network and Security Manager Administration Guide...
Страница 52: ...Copyright 2010 Juniper Networks Inc 2 Network and Security Manager Administration Guide...
Страница 90: ...Copyright 2010 Juniper Networks Inc 40 Network and Security Manager Administration Guide...
Страница 144: ...Copyright 2010 Juniper Networks Inc 94 Network and Security Manager Administration Guide...
Страница 146: ...Copyright 2010 Juniper Networks Inc 96 Network and Security Manager Administration Guide...
Страница 234: ...Copyright 2010 Juniper Networks Inc 184 Network and Security Manager Administration Guide...
Страница 310: ...Copyright 2010 Juniper Networks Inc 260 Network and Security Manager Administration Guide...
Страница 364: ...Copyright 2010 Juniper Networks Inc 314 Network and Security Manager Administration Guide...
Страница 366: ...Copyright 2010 Juniper Networks Inc 316 Network and Security Manager Administration Guide...
Страница 478: ...Copyright 2010 Juniper Networks Inc 428 Network and Security Manager Administration Guide...
Страница 576: ...Copyright 2010 Juniper Networks Inc 526 Network and Security Manager Administration Guide...
Страница 580: ...Copyright 2010 Juniper Networks Inc 530 Network and Security Manager Administration Guide...
Страница 592: ...Copyright 2010 Juniper Networks Inc 542 Network and Security Manager Administration Guide...
Страница 684: ...Copyright 2010 Juniper Networks Inc 634 Network and Security Manager Administration Guide...
Страница 690: ...Copyright 2010 Juniper Networks Inc 640 Network and Security Manager Administration Guide...
Страница 696: ...Copyright 2010 Juniper Networks Inc 646 Network and Security Manager Administration Guide...
Страница 698: ...Copyright 2010 Juniper Networks Inc 648 Network and Security Manager Administration Guide...
Страница 748: ...Copyright 2010 Juniper Networks Inc 698 Network and Security Manager Administration Guide...
Страница 778: ...Copyright 2010 Juniper Networks Inc 728 Network and Security Manager Administration Guide...
Страница 870: ...Copyright 2010 Juniper Networks Inc 820 Network and Security Manager Administration Guide...
Страница 872: ...Copyright 2010 Juniper Networks Inc 822 Network and Security Manager Administration Guide...
Страница 898: ...Copyright 2010 Juniper Networks Inc 848 Network and Security Manager Administration Guide...
Страница 908: ...Copyright 2010 Juniper Networks Inc 858 Network and Security Manager Administration Guide...
Страница 910: ...Copyright 2010 Juniper Networks Inc 860 Network and Security Manager Administration Guide...
Страница 995: ...PART 6 Index Index on page 947 945 Copyright 2010 Juniper Networks Inc...
Страница 996: ...Copyright 2010 Juniper Networks Inc 946 Network and Security Manager Administration Guide...