SRX

Expand all | Collapse all

Asking about Preshared-key on VPN Remote Access

Jump to Best Answer
  • 1.  Asking about Preshared-key on VPN Remote Access

    Posted 06-04-2013 03:02

    Hi.

     

    When configure remote VPN on SRX, I see we need to type preshared-key parametter. But when configure on Junos Pulse (VPN Client for Juniper), I don't see any place to type preshared-key. So some one can explain for me what the role of preshared-key on VPN remote? Or in Juniper VPN remote Access, we don't need preshared-key?



  • 2.  RE: Asking about Preshared-key on VPN Remote Access

    Posted 06-04-2013 11:15

    Pulse is used with the Dynamic VPN functionality of the SRX -- not the site-to-site VPN.

     

    As such, the configuration is a bit different.

     

    KB17641 is a good place to start, from there it can take you through Pulse configuration and also configuring the Dynamic VPN on the SRX.



  • 3.  RE: Asking about Preshared-key on VPN Remote Access

    Posted 01-10-2017 07:54

    This document should be linked on all our Dynamic VPN pages as the explanation of how it functions helped me more than most of the official docs to get my service working on SRX300 running 15.1X49-D70.3. I've submitted a request to our documentation team for exactly that.

     

    Thanks for the link! 



  • 4.  RE: Asking about Preshared-key on VPN Remote Access

    Posted 10-15-2013 21:39
    Hello,

    Do you know why is not used? For me its too weak this access method.


  • 5.  RE: Asking about Preshared-key on VPN Remote Access
    Best Answer

    Posted 10-16-2013 12:18

    @Layardtd wrote:

    Do you know why is not used? For me its too weak this access method.

    The Pulse / Dynamic VPN works a little differently than a site-to-site VPN.

     

    With the Dynamic VPN, the pre-shared key is used, however the Pulse client does not need to be configured with it.  The Pulse client will authenticate the user first by using username/password credentials (over HTTPS) and there must be an access profile configured and tied with the dynamic VPN.  Once the initial authentication passes, the configuration (including the IKE Phase 1 pre-shared key) is automatically downloaded to the client, and the authentication continues from there.

     



  • 6.  RE: Asking about Preshared-key on VPN Remote Access

    Posted 03-18-2015 01:30

    Thanks so much.