Understanding the Dynamic VPN and Access Manager User Experience

From the user’s perspective, creating a secure VPN tunnel consists of two simple phases:

1. Connect to the remote access server (Pre-IKE phase).

   The first time a user needs to establish a VPN tunnel, they simply navigate to https://<serverhost>/dynamic-vpn and enter their username and password in the login page that appears. Assuming that the user authenticates successfully and has administrator privileges, the Juniper Networks device (also called the remote access server) installs Access Manager on the user’s computer and provides a VPN configuration that is specific to the user.

2. Establish the VPN tunnel (IKE phase).

   The Access Manager client provides the user with a simple GUI for launching the client configuration; the client configuration does all the work of establishing and negotiating the IPsec VPN tunnel for the user. Once installed, Access Manager and the client configuration are available for future IPsec VPN sessions.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Connecting to the Remote Access Server for the First Time (Pre-IKE Phase)
• Connecting to the Remote Access Server for Subsequent Sessions (Pre-IKE Phase)
• Establishing an IPsec VPN Tunnel (IKE Phase)
• Dynamic VPN Overview