Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this

Table Of Contents

About This Volume
“Web User Interface Conventions” on pageviii
“Command Line Interface Conventions” on pageviii
Web User Interface Conventions
Command Line Interface Conventions
Naming Conventions and Character Types
Technical Documentation and Support
Chapter 1
Internet Protocol Security
Introduction to Virtual Private Networks
Transport Mode
Tunnel Mode
Authentication Header
Encapsulating Security Payload
Key Management
Manual Key
AutoKey IKE
Security Associations
Tunnel Negotiation
Main and Aggressive Modes
Diffie-Hellman Exchange
Perfect Forward Secrecy
Replay Protection
IKE and IPSec Packets
IKE Packets
IPSec Packets
Chapter 2
Public Key Cryptography
Introduction to Public Key Cryptography
Signing a Certificate
Verifying a Digital Signature
Public Key Infrastructure
Certificates and CRLs
Requesting a Certificate Manually
Loading Certificates and Certificate Revocation Lists
Configuring CRL Settings
Obtaining a Local Certificate Automatically
Automatic Certificate Renewal
Key-Pair Generation
Online Certificate Status Protocol
Specifying a Certificate Revocation Check Method
Viewing Status Check Attributes
Specifying an Online Certificate Status Protocol Responder URL
Removing Status Check Attributes
Self-Signed Certificates
Certificate Validation
Manually Creating Self-Signed Certificates
Setting an Admin-Defined Self-Signed Certificate
Certificate Auto-Generation
Deleting Self-Signed Certificates
Chapter 3
Virtual Private Network Guidelines
Cryptographic Options
Site-to-Site Cryptographic Options
Dialup VPN Options
Route-Based and Policy-Based Tunnels
Packet Flow: Site-to-Site VPN
Tunnel Configuration Guidelines
Route-Based Virtual Private Network Security Considerations
Null Route
Dialup or Leased Line
VPN Failover to Leased Line or Null Route
Decoy Tunnel Interface
Virtual Router for Tunnel Interfaces
Reroute to Another Tunnel
Chapter 4
Site-to-Site Virtual Private Networks
Site-to-Site VPN Configurations
Route-Based Site-to-Site VPN, AutoKey IKE
Policy-Based Site-to-Site VPN, AutoKey IKE
Route-Based Site-to-Site VPN, Dynamic Peer
Policy-Based Site-to-Site VPN, Dynamic Peer
Route-Based Site-to-Site VPN, Manual Key
Policy-Based Site-to-Site VPN, Manual Key
Dynamic IKE Gateways Using FQDN
Setting AutoKey IKE Peer with FQDN
VPN Sites with Overlapping Addresses
Transparent Mode VPN
Chapter 5
Dialup Virtual Private Networks
Policy-Based Dialup VPN, AutoKey IKE
Route-Based Dialup VPN, Dynamic Peer
Policy-Based Dialup VPN, Dynamic Peer
Bidirectional Policies for Dialup VPN Users
Group IKE ID
Group IKE ID with Certificates
Wildcard and Container ASN1-DN IKE ID Types
Creating a Group IKE ID (Certificates)
Setting a Group IKE ID with Preshared Keys
Shared IKE ID
Chapter 6
Layer2 Tunneling Protocol
“Introduction to L2TP” on page205
Introduction to L2TP
Packet Encapsulation and Decapsulation
Setting L2TP Parameters
L2TP and L2TP-over-IPSec
Configuring L2TP
Configuring L2TP-over-IPSec
Bidirectional L2TP-over-IPSec
Chapter 7
Advanced Virtual Private Network Features
Probing for NAT
Traversing a NAT Device
UDP Checksum
Keepalive Packets
Initiator/Responder Symmetry
Enabling NAT-Traversal
Using IKE IDs with NAT-Traversal
VPN Monitoring
Rekey and Optimization Options
Source Interface and Destination Address
Policy Considerations
Configuring the VPN Monitoring Feature
SNMP VPN Monitoring Objects and Traps
Multiple Tunnels per Tunnel Interface
Route-to-Tunnel Mapping
Remote Peers’ Addresses
Manual and Automatic Table Entries
Manual Table Entries
Automatic Table Entries
Setting VPNs on a Tunnel Interface to Overlapping Subnets
Binding Automatic Route and NHTB Table Entries
Using OSPF for Automatic Route Table Entries
Redundant VPN Gateways
Creating Redundant VPN Gateways
Creating Back-to-Back VPNs
Creating Hub-and-Spoke VPNs
Chapter 8
AutoConnect-Virtual Private Networks
How It Works
NHRP Messages
AC-VPN Tunnel Initiation
Network Address Translation
Configuration on Each Spoke
0 of .
Results for:
No results containing your search query
P. 1
Policy VPN Juniper

Policy VPN Juniper

Ratings: (0)|Views: 7,513|Likes:
Published by f_124

More info:

Published by: f_124 on Nov 13, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





You're Reading a Free Preview
Pages 8 to 130 are not shown in this preview.
You're Reading a Free Preview
Pages 141 to 177 are not shown in this preview.
You're Reading a Free Preview
Pages 185 to 303 are not shown in this preview.
You're Reading a Free Preview
Pages 311 to 350 are not shown in this preview.

Activity (4)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
Minh Le Van liked this
Lotus Perfaction liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->