Configure IPsec to a Juniper SSG Firewall


#1

This guide covers configuration an IPsec VPN between Peplink and Juniper SSG firewall. The example assumes the following settings:

IPsec VPN Settings

Peplink WAN IP Address 210.211.10.5 Peplink LAN Network 192.168.2.0/24 Juniper SSG WAN IP Address 66.80.3.1 Juniper SSG LAN Network 192.168.1.0/24 IPsec Phase 1 Authentication SHA-1 ISPEC Phase 1 Encryption AES-128 ISPEC Phase 1 DH Group 2 IPsec Phase 2 Authentication SHA-1 ISPEC Phase 2 Encryption AES-128 ISPEC Phase 2 PFS Group 2

Configure Juniper SSG firewall

Create IPsec VPN Profile

Goto Wizards > Route Based VPN to begin:
  1. Select local and remote interfaces.juniper-ipsec-x509-04
  2. Bind the tunnel to untrust interface.juniper-ipsec-x509-04b
  3. Select LAN to LAN tunnel.juniper-ipsec-x509-04c
  4. Select Local Static IP <> Remote Static IPjuniper-ipsec-x509-04d
  5. Enter remote IP address of Peplinkjuniper-ipsec-x509-04e
  6. Select 128 bit encryptionjuniper-ipsec-x509-04f
  7. Specify the local and remote networks of the IPsec VPNjuniper-ipsec-x509-04g
  8. Pass all protocols over VPN in both directionsjuniper-ipsec-x509-04h
  9. Set logging options as neededjuniper-ipsec-x509-04i
  10. Set Schedule to Nonejuniper-ipsec-x509-04j
  11. Click Next then Finish to complete VPN configuration.juniper-ipsec-x509-04k

Configure Peplink device

Create IPsec Profile

  1. Goto Network > Interfaces > IPsec VPN to create a new IPsec profile. Give the VPN a meaningful Name and enter the Remote Gateway IP , Remote Networks , and Preshared Key of the Juniper SSG. Select the matching Phase 1 and Phase 2 settings for VPN.
  2. Click Save and the IPsec configuration is now complete.juniper-ipsec-01

Site to Site VPN problem(Dell SonicWALL TZ400 with PEPLINK580)
Add IKEv2 to IPSEC VPN
Configure VPN with PIA on Surf SOHO