No access to CLI

  • I don’t have access to the CLI and was just wondering whether I would be able to do all these actions via the webgui ?

    The example isn’t very clear ? A picture showing the setup would’ve been good !

    Just wondering ? Can someone please confirm… = fixed ip of client outside firewall ? is the MIP. public ip ?
    is the ip of the firewall ? or the internal ip ?

    set interface tunnel.1 zone Untrust-Tun
    --------- Untrust-Tun is the Tunnel type zone, carrier zone that helps encryption-decryption

    set interface tunnel.1 ip
    --------- Fixed IP on the tunnel interface

    Not sure whether the 2 set interfaces commands are 1 or 2 steps ? First step looks like
    Network --> Interfaces --> New (Tunnel IF)
    Should it be Fixed IP or Unnumbered ?

    And would I be able to set 1 ip address with subnet 32 instead of 24 ?

    set interface tunnel.1 mip host netmask
    ---------- MIP will be used by the cisco-remote network to connect to server behind the Juniper firewall’s local network

    set route interface tunnel.1
    ---------- A route needs to be added to send the traffic to the tunnel interface

    Question, how can you redirect only certain Dial-Up VPN to a certain IP ?

    set ike gateway Netscreen-Cisco-IKE address main outgoing-interface ethernet4 preshare test sec-level standard
    --------- Phase 1 configuration

    set vpn Netscreen-Cisco-VPN gateway Netscreen-Cisco-IKE sec-level standard
    --------- Phase 2 configuration

    set vpn Netscreen-Cisco-VPN bind zone Untrust-Tun
    --------- Bind Tunnel Zone (Juniper firewall will recognize the MIP configured on the tunnel interface)

    set policy from untrust to trust MIP ( any tunnel vpn Netscreen-Cisco-VPN log
    set policy from trust to untrust any tunnel vpn Netscreen-Cisco-VPN log