Advanced Juniper Networks VPN Implementations (AJVI)

This two-day, intermediate-level course focuses on the wide range of options available when configuring virtual private networks (VPNs) using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. 


After successfully completing this course, you should be able to:
  • Configure LAN-to-LAN IP Security (IPsec) VPNs in various configurations. 
  • Configure VPN redundancy. 
  • Configure dynamic routing using IPsec VPNs. 
  • Configure remote access IPsec connectivity including group Internet Key Exchange (IKE) and shared IKE. 
  • Configure generic routing encapsulation (GRE) tunnels. 

Intended Audience:
This course is intended for network engineers, network support personnel, and reseller support.

Course Level:
Advanced Juniper Networks VPN Implementations is an intermediate-level course.

Prerequisites for this course include the following:
  • Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course or equivalent experience with ScreenOS software. 
  • General networking knowledge, including Ethernet, TCP/IP, and routing concepts. 

Course Contents:
Day 1 

Chapter 1: Course Introduction 

Chapter 2: ScreenOS VPN Basics Review 
  • VPN Review 
  • Verifying Operations 
  • VPN Monitor 
  • Lab: VPN Review 

Chapter 3: VPN Variations 
  • Dynamic Peers 
  • Transparent Mode 
  • Overlapping Addresses 
  • Lab: VPN Variations 
Chapter 4: Hub-and-Spoke VPNs 
  • Concepts 
  • Policy-Based Hub-and-Spoke VPNs 
  • Route-Based Hub-and-Spoke VPNs with No Policy and NHTB 
  • Route-Based Hub-and_Spoke VPNS with Policy 
  • Centralized Control Hub-and-Spoke VPNs 
  • ACVPNs 
  • Lab: Hub-and-Spoke VPNs 

Chapter 5: Routing over VPNs 
  • Routing Overview 
  • Configuring RIP 
  • Configuring OSPF 
  • Case Studies 
  • Lab: Dynamic Routing 

Day 2 

Chapter 6: Using Certificates 
  • Concepts and Terminology 
  • Configuring Certificates and Certificate Support 
  • Configuring VPNs with Certificates 
  • Lab: Using Certificates 
Chapter 7: Redundant VPN Gateways (Optional) 
  • ?Redundant VPN Gateways 
  • ?Other Options 
  • ?Demonstration: Redundant VPN Gateways 

Chapter 8: Generic Routing Encapsulation (Optional) 
  • Configuring GRE 

Chapter 9: Dial-Up IPsec VPNs (Optional) 
  • Basic Dial-Up Configuration 
  • Group IKE ID 
  • XAUTH and Shared IKE ID