Configure IPsec to a Juniper SSG Firewall

This guide covers configuration an IPsec VPN between Peplink and Juniper SSG firewall. The example assumes the following settings:

IPsec VPN Settings

Peplink WAN IP Address Peplink LAN Network Juniper SSG WAN IP Address Juniper SSG LAN Network IPsec Phase 1 Authentication SHA-1 ISPEC Phase 1 Encryption AES-128 ISPEC Phase 1 DH Group 2 IPsec Phase 2 Authentication SHA-1 ISPEC Phase 2 Encryption AES-128 ISPEC Phase 2 PFS Group 2

Configure Juniper SSG firewall

Create IPsec VPN Profile

Goto Wizards > Route Based VPN to begin:
  1. Select local and remote interfaces.


  2. Bind the tunnel to untrust interface.


  3. Select LAN to LAN tunnel.


  4. Select Local Static IP <> Remote Static IP


  5. Enter remote IP address of Peplink


  6. Select 128 bit encryption


  7. Specify the local and remote networks of the IPsec VPN


  8. Pass all protocols over VPN in both directions


  9. Set logging options as needed


  10. Set Schedule to None


  11. Click Next then Finish to complete VPN configuration.


Configure Peplink device

Create IPsec Profile

  1. Goto Network > Interfaces > IPsec VPN to create a new IPsec profile. Give the VPN a meaningful Name and enter the Remote Gateway IP , Remote Networks , and Preshared Key of the Juniper SSG. Select the matching Phase 1 and Phase 2 settings for VPN.
  2. Click Save and the IPsec configuration is now complete.


1 Like