AJVI - Advanced Juniper Networks IPSec VPN Implementations

2 Day Course
Hands On
Official Juniper Curriculum

Book Now - 1 Delivery Method Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online


This two-day, advanced-level course focuses on the wide range of options available when configuring VPNs using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises. This course is based on ScreenOS version 6.3r14.


After successfully completing this course, you should be able to:

  • Configure LAN-to-LAN IPSec VPNs in various configurations.
  • Configure VPN redundancy.
  • Configure dynamic routing using IPSec VPNs.
  • Configure remote access IPSec connectivity including group IKE and shared IKE.
  • Configure GRE tunnels.

Target Audience

This course is intended for network engineers, network support personnel, and reseller support.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.


Hide all

ScreenOS VPN Basics Review (4 topics)

  • VPN Review
  • Verifying Operations
  • VPN Monitor
  • Lab 1: VPN Review

VPN Variations (4 topics)

  • Dynamic Peers
  • Transparent Mode
  • Overlapping Addresses
  • Lab 2: VPN Variations

Hub-and-Spoke VPNs (7 topics)

  • Concepts
  • Policy-Based Hub-and-Spoke
  • Route-Based, with No Policy, and NHTB
  • Route-Based with Policy
  • Centralized Control
  • AutoConnect-Virtual Private Networks
  • Lab 3: Hub-and-Spoke VPNs

Routing over VPNs (5 topics)

  • Routing Overview
  • Configuring RIP
  • Configuring OSPF
  • Case Studies
  • Lab 4: Dynamic Routing

Using Certificates (4 topics)

  • Concepts and Terminology
  • Configuring Certificates and Certificate Support
  • Configuring VPNs with Certificates
  • Lab 5: Using Certificates

Redundant VPN Gateways (Optional) (3 topics)

  • Redundant VPN Gateways
  • Other Options
  • Demo: Redundant VPN Gateways

Generic Routing Encapsulation (Optional) (1 topic)

  • Configuring GRE

Dial-Up IPSec VPNs (3 topics)

  • Basic Dial-up Configuration
  • Group IKE ID
  • XAUTH and Shared IKE ID


Prerequisites for this course include the following:

  • Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent experience with ScreenOS software.
  • General networking knowledge, including Ethernet, TCP/IP, and routing concepts. 

Course PDF


Share this Course


Recommend this Course