Course Details
Overview
This two-day, intermediate-level course focuses on the wide range of options available when configuring virtual private networks (VPNs) using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. This course is based on Screen OS version 6.3r14.
Course Level:
Advanced Juniper Networks VPN Implementations is an intermediate-level course.
Objectives
After successfully completing this course, you should be able to:
- Configure LAN-to-LAN IP Security (IPsec) VPNs in various configurations.
- Configure VPN redundancy.
- Configure dynamic routing using IPsec VPNs.
- Configure remote access IPsec connectivity including group Internet Key Exchange (IKE) and shared IKE.
- Configure generic routing encapsulation (GRE) tunnels.
Outline
Day 1
Chapter 1: Course Introduction
Chapter 2: ScreenOS VPN Basics Review
- VPN Review
- Verifying Operations
- VPN Monitor
- Lab: VPN Review
Chapter 3: VPN Variations
- Dynamic Peers
- Transparent Mode
- Overlapping Addresses
- Lab: VPN Variations
Chapter 4: Hub-and-Spoke VPNs
- Concepts
- Policy-Based Hub-and-Spoke VPNs
- Route-Based Hub-and-Spoke VPNs with No Policy and NHTB
- Route-Based Hub-and_Spoke VPNS with Policy
- Centralized Control Hub-and-Spoke VPNs
- ACVPNs
- Lab: Hub-and-Spoke VPNs
Chapter 5: Routing over VPNs
- Routing Overview
- Configuring RIP
- Configuring OSPF
- Case Studies
- Lab: Dynamic Routing
Day 2
Chapter 6: Using Certificates
- Concepts and Terminology
- Configuring Certificates and Certificate Support
- Configuring VPNs with Certificates
- Lab: Using Certificates
Chapter 7: Redundant VPN Gateways (Optional)
- Redundant VPN Gateways
- Other Options
- Demonstration: Redundant VPN Gateways
Chapter 8: Generic Routing Encapsulation (Optional)
- Configuring GRE
Chapter 9: Dial-Up IPsec VPNs (Optional)
- Basic Dial-Up Configuration
- Group IKE ID
- XAUTH and Shared IKE ID
Target Audience
- This course is intended for network engineers, network support personnel, and reseller support.
Prerequisites
- Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course or equivalent experience with ScreenOS software.
- General networking knowledge, including Ethernet, TCP/IP, and routing concepts.