ipsec-vpn dynamic-vpn-test; user {

f_changxin01; f_yimin01; luhongc; s_aijian01; s_caitong01; s_dongfang01; s_dongwu01; } } }

access {

s_hongyuan01; s_huatai01; s_shenywg01; s_xiangcai01; s_zheshang01; s_zhongxjt01; sscc; vpntest1; vpntest2; vpntest3; vpntest4; vpntest5; } }

client2 {

remote-protected-resources { 192.168.3.0/24; }

remote-exceptions { 0.0.0.0/0; }

ipsec-vpn dynamic-vpntest1; user { sscc;

vpntest11; vpntest12; vpntest13; vpntest14; vpntest15; } } profile ACS_Radius {

authentication-order radius; radius-server {

60.60.60.1 secret \0OX7-V24JGDkmf\ } }

profile dynamic_vpn { client luhongc { firewall-user {

password \0BEP5BEcyW8ZUjHP5z36AuO\ } }

client sscc {

firewall-user {

password \ } } }

firewall-authentication { web-authentication {

default-profile ACS_Radius; banner {

success \ } }

} }

access-profile ACS_Radius;

[edit] root#

4 测试

4.1 登录界面

4.2 输入用户名和密码

4.3 WEB认证成功之后，SRX提示自动会下软件到客户端

也可以手动下载到客户端进行安装

点击此处手工进行下载和安装 4.4 安装成功之后，利用Juniper Networks Access Manager进行IPSEC VPN连接

输入用户名和密码，此处的用户名和密码由RADIUS服务器设置

连接成功后，会显示已连接到VPN GW上去