Figure: Services Page (continued)

enterprise data. For a successful configuration, all settings for the VPN tunnel must be identical between the Junxion VPN and the enterprise VPN server.

Server IP. This is the IP address of your enterprise VPN server.

Server Subnet. The default configuration is 0.0.0.0/0, which directs all traffic over the VPN. The Junxion Box also supports split tunnels with one encrypted tunnel and one open tunnel. A sample server subnet for a split tunnel would be 172.16.1.0/24.

Split tunnel VPNs should be set up with care, as a split tunnel configuration with both an enterprise VPN and access to the public Internet can inadvertently expose company resources.
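The check below is an added example, not part of the Junxion guide or the device's own software. It audits a candidate Server Subnet value against the networks that must stay encrypted, assuming the box sends traffic whose destination falls inside Server Subnet through the encrypted tunnel and everything else through the open tunnel. The corporate network list and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: networks the enterprise expects to be reachable only
# through the encrypted tunnel (hypothetical values, not from the guide).
CORPORATE_NETS = ["172.16.1.0/24", "172.16.2.0/24", "172.16.0.0/22"]


def tunnel_coverage(server_subnet, corporate_nets):
    """Classify each corporate network against the Server Subnet setting.

    "encrypted": every address in the network matches Server Subnet.
    "partial":   only some addresses match; the rest use the open tunnel.
    "open":      no address matches; all traffic to it bypasses the VPN.
    """
    tunnel = ipaddress.ip_network(server_subnet)
    report = {}
    for cidr in corporate_nets:
        net = ipaddress.ip_network(cidr)
        if net.subnet_of(tunnel):
            report[cidr] = "encrypted"
        elif net.overlaps(tunnel):
            report[cidr] = "partial"
        else:
            report[cidr] = "open"
    return report


def path_for(server_subnet, destination):
    """Return which tunnel a single destination address would use."""
    tunnel = ipaddress.ip_network(server_subnet)
    inside = ipaddress.ip_address(destination) in tunnel
    return "encrypted" if inside else "open"


def uncovered(server_subnet, corporate_nets):
    """List corporate networks that are not fully inside the encrypted tunnel."""
    coverage = tunnel_coverage(server_subnet, corporate_nets)
    return [cidr for cidr, state in coverage.items() if state != "encrypted"]


if __name__ == "__main__":
    for subnet in ("0.0.0.0/0", "172.16.1.0/24"):
        print(subnet, tunnel_coverage(subnet, CORPORATE_NETS))
        print("  not fully covered:", uncovered(subnet, CORPORATE_NETS))
```

With the sample split-tunnel value 172.16.1.0/24, a neighbouring corporate range such as 172.16.2.0/24 is reported as "open", which is the kind of gap to resolve before deploying a split tunnel.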

My Identity and Peer Identity. Required in some configurations to identify the client or peer side of a VPN connection. If these fields are left blank, My Identity will default to the WAN IP address assigned by the carrier and Peer Identity will default to the VPN Server IP. For a fully qualified domain name (FQDN), these values should be preceded by an ‘@’ character (@www.domain.com). For user-FQDN, these values should include a username (user@domain.com).

NTP Server. The Network Time Protocol Server ensures the clock on the Junxion VPN is synchronized to standard time. The default NTP server is pool.ntp.org. You can specify any preferred NTP server.

Phase 1 DH Group. Determines how the Junxion VPN creates an SA (security association) with the VPN server. The DH (Diffie-Hellman) key exchange protocol establishes pre-shared keys during the phase 1 authentication. Junxion supports three prime key lengths, including Group 1 (768 bits), Group 2 (1,024 bits), and Group 5 (1,536 bits).

junxion box user guide

Junxion JB110E, JB-110B manual Figure Services