Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
32Activity

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
Juniper VPN Concepts

Juniper VPN Concepts

Ratings: (0)|Views: 1,111 |Likes:
Published by Naveed Shahid
vpn concepts
vpn concepts

More info:

Published by: Naveed Shahid on Jun 16, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/14/2012

pdf

text

original

 
Juniper Networks, Inc.
1194 North Mathilda AvenueSunnyvale, CA 94089USA408-745-2000
www.juniper.net
Concepts & ExamplesScreenOS Reference Guide
Volume5:VirtualPrivateNetworks
 Release 6.2.0, Rev. 02
 
ii
Copyright Notice
Copyright © 2010 Juniper Networks, Inc. All rights reserved.Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc.in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, orregistered service marks are the property of their respective owners.All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this document or for anyobligation to update information in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publicationwithout notice.
FCC Statement
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class Adigital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when theequipment is operated in a commercial environment. The equipment generates, uses, and can radiate radio-frequency energy and, if not installed andused in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residentialarea is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense.The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequencyenergy. If it is not installed in accordance with Juniper Networks’ installation instructions, it may cause interference with radio and television reception.This equipment has been tested and found to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCCrules. These specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is noguarantee that interference will not occur in a particular installation.If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the useris encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Consult the dealer or an experienced radio/TV technician for help.
Connect the equipment to an outlet on a circuit different from that to which the receiver is connected.
Caution:
Changes or modifications to this product could void the user's warranty and authority to operate this device.
Disclaimer
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPEDWITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITEDWARRANTY, CONTACT YOUR JUNIPER NETWORKS REPRESENTATIVE FOR A COPY.
 
Table of Contents
iii
Table of Contents
vii
1
Introduction to Virtual Private Networks..........................................................2IPsec Concepts.................................................................................................3Modes........................................................................................................4Transport Mode..................................................................................4Tunnel Mode.......................................................................................4Protocols...................................................................................................5Authentication Header........................................................................6Encapsulating Security Payload...........................................................6Key Management......................................................................................7Manual Key.........................................................................................7AutoKey IKE........................................................................................7Key Protection....................................................................................8Security Associations.................................................................................8Tunnel Negotiation...........................................................................................9Phase1......................................................................................................9Main and Aggressive Modes..............................................................10Diffie-Hellman Exchange...................................................................11Phase2....................................................................................................11Perfect Forward Secrecy...................................................................12Replay Protection..............................................................................12IKE and IPsec Packets....................................................................................13IKE Packets.............................................................................................13IPsec Packets...........................................................................................16IKE Version 2...........................................................................................18Initial Exchanges...............................................................................18CREATE_CHILD_SA Exchange..........................................................20Informational Exchanges..................................................................20Enabling IKEv2 on a Security Device.......................................................20Example: Configuring an IKEv2 Gateway..........................................21Authentication Using Extensible Authentication Protocol..................25IKEv2 EAP Passthrough...........................................................................26

Activity (32)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
ngminhtien liked this
Lotus Perfaction liked this
Umer Aziz Rana liked this
scotty6951 liked this
Lotus Perfaction liked this
Lotus Perfaction liked this
Ian Bond liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->