VPN

Name Juniper VPN

Network
IP Version IPv4
Remote Gateway Static IP Address
IP Address 192.168.1.200
Interface WAN (port1)
Local Gateway <disable>
Mode Config <disable>
NAT Transversal Enable
Keepalive Frecuency 10
Dead Peer Detection Disable
 Authentication
Method Pre-shared Key
Pre-shared Key ******
IKE
Version 1
Mode Main(ID protection)

Phase 1 Proposal
Encription DES
Authentication MD5
Diffie Hellman Group 5
Key Lifetime (Seconds) 86400
Lolca ID 192.168.1.201

set security ike proposal prop-ike-forti authentication-method pre-shared-keys

set security ike proposal prop-ike-forti dh-group group5

set security ike proposal prop-ike-forti authentication-algorithm md5

set security ike proposal prop-ike-forti encryption-algorithm des-cbc

set security ike proposal prop-ike-forti lifetime-seconds 86400

set security ike policy pol-ike-forti mode main

set security ike policy pol-ike-forti proposals prop-ike-forti

set security ike policy pol-ike-forti pre-shared-key ascii-text "******"

set security ike gateway gw-ike-forti ike-policy pol-ike-forti

set security ike gateway gw-ike-forti address 192.168.1.201

set security ike gateway gw-ike-forti external-interface ge-0/0/0.0

set security ike gateway gw-ike-forti general-ikeid

set security ike gateway gw-ike-forti version v1-only

XAUTH
Type Disabled

Phase 2 Selectors
Phase2 Proposals
Encryption DES
Authentication MD5
PFS <enable>
DH Group Group 5
Key Lifetime Seconds
Seconds 1800
set security ipsec proposal prop-ipsec-forti protocol esp

set security ipsec proposal prop-ipsec-forti authentication-algorithm hmac-md5-96

set security ipsec proposal prop-ipsec-forti encryption-algorithm des-cbc

set security ipsec proposal prop-ipsec-forti lifetime-seconds 1800

set security ipsec policy pol-ipsec-forti perfect-forward-secrecy keys group5

set security ipsec policy pol-ipsec-forti proposals prop-ipsec-forti

set security ipsec vpn vpn-forti bind-interface st0.0

set security ipsec vpn vpn-forti ike gateway gw-ike-forti

set security ipsec vpn vpn-forti ike ipsec-policy pol-ipsec-forti

set security ipsec vpn vpn-forti establish-tunnels on-traffic

Routing

INTERFACE

set interfaces st0 unit 0 family inet

ROUTE

set routing-options static route 172.16.14.0/24 next-hop st0.0

Policies

ZONE

set security zones security-zone VPN-Zone host-inbound-traffic system-services ike

set security zones security-zone VPN-Zone host-inbound-traffic system-services ping

set security zones security-zone VPN-Zone host-inbound-traffic system-services traceroute

set security zones security-zone VPN-Zone interfaces st0.0

POLICY

set security policies from-zone trust to-zone VPN-Zone policy to_Forti match source-address
any

set security policies from-zone trust to-zone VPN-Zone policy to_Forti match destination-
address any

set security policies from-zone trust to-zone VPN-Zone policy to_Forti match application any

set security policies from-zone trust to-zone VPN-Zone policy to_Forti then permit

set security policies from-zone trust to-zone VPN-Zone policy to_Forti then log session-close

set security policies from-zone trust to-zone VPN-Zone policy to_Forti then count

set security policies from-zone VPN-Zone to-zone trust policy toJunos match source-address
any

set security policies from-zone VPN-Zone to-zone trust policy toJunos match destination-
address any

set security policies from-zone VPN-Zone to-zone trust policy toJunos match application any

set security policies from-zone VPN-Zone to-zone trust policy toJunos then permit

set security policies from-zone VPN-Zone to-zone trust policy toJunos then log session-close

set security policies from-zone VPN-Zone to-zone trust policy toJunos then count