| FIREWALL VPN SECURITY |
|
| AJVI - Advanced Juniper Networks IPSec VPN Implementations |
| Course ID |
: |
EDU-JUN-AJVI |
| Length |
: |
Two days |
|
|
| |
| About this Course |
This two-day, advanced-level course focuses on the wide range of options available when configuring virtual private networks (VPNs) using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. The course is based on ScreenOS version 6.2. |
|
|
| |
| Objectives |
| After successfully completing this course, you should be able to: |
| » |
Configure LAN-to-LAN IP Security (IPsec) VPNs in various configurations. |
| » |
Configure VPN redundancy. |
| » |
Configure dynamic routing using IPsec VPNs. |
| » |
Configure remote access IPsec connectivity including group Internet Key Exchange (IKE) and shared IKE. |
| » |
Configure generic routing encapsulation (GRE) tunnels. |
|
| |
| Intended Audience |
This course is intended for network engineers, network support personnel, and reseller support. |
|
|
| |
| Course Level |
AJVI is an advanced-level course. |
|
|
| |
| Prerequisites |
Prerequisites for this course include the following: |
| » |
Completion of the Configuring Juniper Networks Firewall/IPsec VPN Products (CJFV) course or equivalent experience with ScreenOS software; and |
| » |
General networking knowledge including an understanding of Ethernet, TCP/IP, and routing concepts. |
|
|
|
| |
| Course Contents |
| Day One |
| Chapter 1 |
: |
Course Introduction |
| Chapter 2 |
: |
ScreenOS VPN Basics Review |
|
| » |
VPN Review |
| » |
Verifying Operations |
| » |
VPN Monitor |
| » |
Lab 1: VPN Review |
|
|
|
| |
| Chapter 3: VPN Variations |
| » |
Dynamic Peers |
| » |
Transparent Mode |
| » |
Overlapping Addresses |
| » |
Lab 2: VPN Variations |
|
|
|
| |
| Chapter 4: Hub-and-Spoke VPNs |
| » |
Concepts |
| » |
Policy-Based Hub-and-Spoke |
| » |
Route-Based Hub-and-Spoke VPNs with No Policy and NHTB |
| » |
Route-Based Hub-and-Spoke VPNs with Policy |
| » |
Centralized Control Hub-and-Spoke VPNs |
| » |
ACVPNs |
| » |
Lab 3: Hub-and-Spoke VPNs |
|
|
|
| |
| Chapter 5: Routing over VPNs |
| » |
Routing Overview |
| » |
Configuring RIP |
| » |
Configuring OSPF |
| » |
Case Studies |
| » |
Lab 4: Dynamic Routing |
|
|
|
| |
| Day Two |
| |
| Chapter 6: Using Certificates |
| » |
Concepts and Terminology |
| » |
Configuring Certificates and Certificate Support |
| » |
Configuring VPNs with Certificates |
| » |
Lab 5: Using Certificates |
|
|
|
| |
| Chapter 7: Redundant VPN Gateways (Optional) |
| » |
Redundant VPN Gateways |
| » |
Other Options |
|
|
|
| |
| Chapter 8: Generic Routing Encapsulation (Optional) |
|
|
| |
| Chapter 9: Dial-Up IPsec VPNs (Optional) |
| » |
Basic Dial-up Configuration |
| » |
Group IKE ID |
| » |
XAUTH and Shared IKE ID |
|
|
|
| |
| Appendix A: NetScreen-Remote Software (Optional) |
| » |
NS-Remote Overview |
| » |
Basic Dial-Up |
| » |
XAUTH and Shared IKE ID |
| » |
Lab 6: Dial-Up VPNs (Optional) |
|
|
|
