Juniper Netscreen Dialup VPN+Firewall configuration

set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set clock "timezone" 0
set admin format dos
set admin name "netscreen"
set admin password nKVUM2rwMUzPcrkG5sWIHdCtqkAibn
set admin auth timeout 120
set admin auth server "Local"
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "DMZ" tcp-rst
set zone "MGT" block
set zone "MGT" tcp-rst
set zone Untrust screen tear-drop
set zone Untrust screen syn-flood
set zone Untrust screen ping-death
set zone Untrust screen ip-filter-src
set zone Untrust screen land
set zone V1-Untrust screen tear-drop
set zone V1-Untrust screen syn-flood
set zone V1-Untrust screen ping-death
set zone V1-Untrust screen ip-filter-src
set zone V1-Untrust screen land
set interface "trust" zone "Trust"
set interface "DMZ" zone "DMZ"
set interface "untrust" zone "Untrust"
set interface vlan1 ip 192.168.1.1/24
set interface trust ip 192.168.1.1/24
set interface trust nat
set interface DMZ ip 192.168.4.1/24
set interface DMZ route
set interface untrust ip 192.168.16.195/24
set interface untrust route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface vlan1 ip manageable
set interface trust ip manageable
set interface DMZ ip manageable
set interface untrust ip manageable
set interface DMZ manage telnet
set interface DMZ manage snmp
set interface DMZ manage ssl
set interface DMZ manage web
set interface untrust manage ping
set interface untrust manage telnet
set interface untrust manage web
set interface "DMZ" webauth
set address "Trust" "sony" 192.168.1.0 255.255.255.0
set address "Untrust" "192.168.3.0/24" 192.168.3.0 255.255.255.0
set address "Untrust" "sony1" 192.168.2.5 255.255.255.0
set address "DMZ" "192.168.4.0/24" 192.168.4.0 255.255.255.0
set snmp name "ns100"
set user "user01" uid 1
set user "user01" ike-id u-fqdn "user01@test.com" share-limit 1
set user "user01" type ike
set user "user01" "enable"
set user "user02" uid 2
set user "user02" ike-id u-fqdn "user02@test.com" share-limit 1
set user "user02" type ike
set user "user02" "enable"
set user "user03" uid 3
set user "user03" ike-id u-fqdn "user03@test.com" share-limit 1
set user "user03" type ike
set user "user03" "enable"
set user "user04" uid 4
set user "user04" ike-id u-fqdn "user04@test.com" share-limit 1
set user "user04" type ike
set user "user04" "enable"
set user-group "dialup-user" id 1
set user-group "dialup-user" user "user01"
set user-group "dialup-user" user "user02"
set user-group "dialup-user" user "user03"
set user-group "dialup-user" user "user04"
set ike gateway "DLVPNgateway" ip 0.0.0.0 id "test" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "DLVPNgateway" nat-traversal
set ike gateway "sz-1" ip 0.0.0.0 id "test1" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "sz-1" nat-traversal
set ike gateway "dialup-gateway" dialup "dialup-user" Aggr outgoing-interface "untrust" preshare "netscreen" proposal "pre-g2-des-md5"
unset ike gateway "dialup-gateway" nat-traversal
set ike policy-checking
set ike respond-bad-spi 1
set vpn "sony-192.168.2.5" id 1 manual 3001 3001 gateway 1.1.1.2 outgoing-interface "untrust" esp des password netscreen auth sha-1 password netscreen
set vpn "antaivpn" id 2 manual 3002 3002 gateway 1.1.1.3 outgoing-interface "untrust" esp des password netscreen auth sha-1 password netscreen
set vpn "DaLian-BeiJing" id 3 gateway "DLVPNgateway" no-replay tunnel idletime 0 proposal "g2-esp-des-md5"
set vpn "DaLian-BeiJing" monitor
set vpn "sz-2" id 5 gateway "sz-1" replay tunnel idletime 0 proposal "g2-esp-des-md5"
set vpn "sz-2" monitor
set vpn "dialup-ike" id 7 gateway "dialup-gateway" no-replay tunnel idletime 0 proposal "g2-esp-des-md5"
set ike id-mode subnet
set xauth lifetime 480
set xauth default auth server Local
set policy id 13 from "Untrust" to "Trust" "Dial-Up VPN" "sony" "ANY" Tunnel vpn "dialup-ike" id 8
set policy id 12 from "Untrust" to "Trust" "sony1" "sony" "ANY" Tunnel vpn "sz-2" id 6 pair-policy 11
set policy id 11 from "Trust" to "Untrust" "sony" "sony1" "ANY" Tunnel vpn "sz-2" id 6 pair-policy 12
set policy id 10 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "ANY" Permit
set policy id 9 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "SSH" Permit
set policy id 8 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "FTP" Permit
set policy id 7 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "HTTPS" Permit
set policy id 6 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "HTTP" Permit
set policy id 5 name "Created by policy wizard" from "Trust" to "Untrust" "Any" "Any" "DNS" Permit
set policy id 0 from "DMZ" to "Untrust" "192.168.4.0/24" "192.168.3.0/24" "ANY" Tunnel vpn "DaLian-BeiJing" id 4 pair-policy 1
set policy id 1 from "Untrust" to "DMZ" "192.168.3.0/24" "192.168.4.0/24" "ANY" Tunnel vpn "DaLian-BeiJing" id 4 pair-policy 0
set policy id 4 from "DMZ" to "Untrust" "Any" "Any" "ANY" Permit
set global-pro policy-manager primary outgoing-interface untrust
set global-pro policy-manager secondary outgoing-interface untrust
set nsrp interface DMZ
set pki authority default scep mode "auto"
set pki x509 default cert-path partial
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset add-default-route
set route 192.168.3.0/24 interface untrust gateway 192.168.16.181
set route 0.0.0.0/0 interface untrust gateway 192.168.16.1
exit