Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Understanding IPsec VPN Routing

SRX Series Firewalls must know how to reach destination networks. This can be configured through the use of static routing or dynamic routing.

In Juniper Security Director Cloud, route-based VPNs support OSPF, RIP, and eBGP routing along with static routing. Static routing requires that administrators specify the list of host or network addresses at each site as part of the VPN.

For example, in a retail scenario, where thousands of spokes can be part of a VPN, the static routing approach generates a huge configuration at each device. Static routing requires administrators to manually configure each route, and problems might occur when the infrastructure changes or when the administrators do not have access to the addresses for the protected network. Keeping routes up-to-date manually also creates a tremendous overhead.