{"id":317,"date":"2009-09-12T15:55:27","date_gmt":"2009-09-12T15:55:27","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2009\/09\/12\/netscreen-ac-vpn\/"},"modified":"2021-07-24T18:58:37","modified_gmt":"2021-07-24T18:58:37","slug":"netscreen-ac-vpn","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Firewalls\/Juniper\/netscreen-ac-vpn.html","title":{"rendered":"Netscreen – AC-VPN"},"content":{"rendered":"

AC-VPN<\/strong>
<\/span><\/p>\n

Auto-connect VPN works with a hub and spoke setup. Once static VPNs have been configured between all the spokes and the hubs, AC-VPN and NHRP (Next Hop Routing Protocol) is configured on each spoke and the hub.
When traffic is initiated between 2 spokes the traffic is passed via the hub while a dynamic tunnel is established between the 2 spokes. Once this tunnel is established the traffic is passed between the 2 spokes and the previous tunnel terminated.<\/p>\n

NHRP<\/strong><\/span><\/p>\n

The Hub in the hub and spoke network is classed as the “Next Hop Server” (NHS) and the spoke is referred to as the “Next Hop Client”. Messages are then exchanged between the client and the server using NBMA (Non Broadcast Multi Access) messages. By default there are 7 types of NBMA messages along with 2 more that are added by the Netscreen. These are :<\/p>\n

<\/span><\/p>\n