Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

VPN Profiles Overview

You can use the VPN Profile page to create an object that specifies the parameters used in a IPsec VPN. You can configure the Internet Key Exchange (IKE) and IPsec settings in VPN profile.

When a VPN profile is created, Junos Space creates an object in the Junos Space database to represent the VPN profile. You can use this object to create a route-based or policy-based IPsec VPN.

SRX Series devices support the following authentication methods in IKE negotiations for IPsec VPN:

  • Pre-shared key

  • RSA signature

  • DSA signature

  • ECDSA signature 256

  • ECDSA signature 384

The predefined VPN profile is available for both RSA and DSA certificates-based authentication. The PKI certificate list from the device is automatically retrieved during the device discovery.

SRX Series devices support pre-shared key and PKI certificate-based authentication methods in IKE negotiation for IPsec VPNs. The RSA certificate and DSA certicate-based authentication are supported for IKE negotiation. The predefined VPN profile is available with both RSA and DSA certificates-based authentication. The PKI certificate list from the device is automatically retrieved during the device discovery and update-based syslog notifications.