This two-day, advanced-level course focuses on the wide range of options available when configuring VPNs using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. This course is based on ScreenOS version 6.3r14.
Prerequisites for this course include the following:
- Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent experience with ScreenOS software.
- General networking knowledge, including Ethernet, TCP/IP, and routing concepts.
ScreenOS VPN Basics Review
- VPN Review
- Verifying Operations
- VPN Monitor
- Lab 1: VPN Review
- Dynamic Peers
- Transparent Mode
- Overlapping Addresses
- Lab 2: VPN Variations
- Policy-Based Hub-and-Spoke
- Route-Based, with No Policy, and NHTB
- Route-Based with Policy
- Centralized Control
- AutoConnect-Virtual Private Networks
- Lab 3: Hub-and-Spoke VPNs
Routing over VPNs
- Routing Overview
- Configuring RIP
- Configuring OSPF
- Case Studies
- Lab 4: Dynamic Routing
- Concepts and Terminology
- Configuring Certificates and Certificate Support
- Configuring VPNs with Certificates
- Lab 5: Using Certificates
Redundant VPN Gateways (Optional)
- Redundant VPN Gateways
- Other Options
- Demo: Redundant VPN Gateways
Generic Routing Encapsulation (Optional)
Dial-Up IPSec VPNs
- Basic Dial-up Configuration
- Group IKE ID
- XAUTH and Shared IKE ID
After successfully completing this course, you should be able to:
- Configure LAN-to-LAN IPSec VPNs in various configurations.
- Configure VPN redundancy.
- Configure dynamic routing using IPSec VPNs.
- Configure remote access IPSec connectivity including group IKE and shared IKE.
- Configure GRE tunnels.
This course is intended for network engineers, network support personnel, and reseller support.