Importing IPsec VPNs

Junos Space Security Director lets you import your existing large and complex VPN configurations into Security Director. You do not have to recreate the same VPN environment to allow Security Director to manage it. During the VPN import, all VPN-related objects are also imported along with the VPN.


To import a VPN:

  1. Select IPSec VPN > IPSec VPNs.

    The existing VPNs are listed on the right pane.

  2. Select Import VPN from the More option.

    The Import VPN page appears.

  3. Click Next.

    The Select Devices page appears. You can select one or more devices from which the VPN configuration must be imported. The filter option enables you to perform the free text search on the device name, IP address, and device platform.

  4. Select the security device to import its VPN settings. Click Next.

    A progress bar appears showing the analysis of the device configurations.

  5. After analyzing the VPN configuration, Security Director performs the configuration parsing and the endpoint correlation. During the endpoint correlation if any conflicting configurations are found, you can either proceed to ignore the conflicts during the import and log this detail as a job or cancel the operation. Click Yes to ignore the conflicts and import the remaining configuration or No to terminate the import and proceed to the next step to select devices.

    The conflict occurs when the combination of IKE and IPsec parameters are same between the endpoints. The following points explain the scenarios under which the conflicts occur for different VPN configuration types:

    If there are no conflicts, you can directly proceed to Step 6.

  6. The Select EndPoints page appears showing the VPN settings.

    All the imported VPNs will have autogenerated names, which you have the option to modify. Click the VPN name and enter the name. There is a predefined quick filter available to list all the errors and warnings. Click the drop-down list to select the required filter parameter.

    The Select EndPoints page lists the VPNs discovered from the configuration and allows you to explore the devices, or endpoints for each of the discovered VPNs. You can also perform a free text search on the VPN name, device name, and endpoint names.

    Table 1 shows the description of each column.

    Table 278: Settings Guidelines




    Column Name


    VPNs & Local Endpoints

    Lists all the discovered VPNs and their associated devices and endpoints in a tree structure.

    Remote Endpoints

    Shows matching endpoint details.


    Displays any information, error, and warning messages detected during the import.

  7. The Summary page appears. All the VPNs listed on this page are saved in the Security Director database for further management.

    Click Finish. A progress bar appears showing the progress of the import. Once the import is successful, you can manage the VPNs from the VPN landing page.

  8. The final summary page appears showing the number of VPNs, devices, and endpoints imported. To view the complete job details, click full log details. The Job Details page appears.
  9. Click Close. All the imported VPN configurations appear on the VPN landing page.

    Note At any point of the import workflow, you can choose to exit. All your settings and progress are discarded.