Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Dynamic VPN is part of the web management system that is configured under system services web-management (https). If you delete this configuration block, all SSL-based services (at least that I can think of) should be disabled.
system services web-management (https)
Juniper configs are entirely explicit. You should be able to look through the configuration and see anything related to https/ssl and just delete those blocks and it will go away. There is definitely nothing SSL-related enabled by default on these boxes.
If all else fails, you can always address this with a to-zone "junos-host" security policy, host-inbound-traffic or firewall filter on the lo0 interface to filter the traffic before it gets to the RE.
Dynamic VPN itself is pure IKE/IPsec, the web portal just gives you a place to download the client.