Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


System-Level and Device-Level VPN Using NSM Overview


With Network and Security Manager (NSM), you can use basic networking principles and your Juniper Networks security devices to create VPNs that connect your headquarters with your branch offices and your remote users with your protected networks.

NSM supports tunnel and transport modes for AutoKey IKE, Manual Key, L2TP, and L2TP-over-AutoKey IKE VPNS in policy or route-based configurations. You can create the VPN at the system-level or device-level:

  • System-Level VPN (VPN Manager)—Design a system level VPN and automatically set up connections, tunnels, and rules for all devices in the VPN.

  • Device-Level VPN (Device Manager)—Manually configure VPN information for each security device, and then add VPN rules to a security policy to create a policy-based VPN or configure routes on each security device to create a route-based VPNs.


    Each VPN that a device belongs to reduces the maximum number of templates by one. This includes VPNs configured in VPN Manager and VPNs configured at the device-level. You can apply a maximum of 63 templates to a single device.