Hi all,
We have a VPN set-up on a Juniper SSG to a remote site firewall; the VPN tunnel is up.
To paint the picture, we are trying to send ICMP traffic from a subnet behind the local Juniper.
The source address is: 172.24.4.55
The destination is over a VPN, and is a destination address of 172.17.207.254
Now, looking at the logs, everything seems to be OK up until the following outputs:
Permitted by policy 1097
No src xlate NHTB entry search not found: vpn none tif tunnel.25 nexthop 172.17.207.254
matched tunnel-id <0x00000000>
packet dropped, no way(tunnel) out
The following 2 lines are the issue:
matched tunnel-id <0x00000000>
packet dropped, no way(tunnel) out
So basically, investigation shows that this usually occurs if there are 2 VPN tunnels bound to the same tunnel interface; however, in this case it is not, as there is only the one on tunnel25.
Is there anything else that could be causing this? I can provide some outputs from the CLI if need be. I have checked things like routing, ACLs and tunnel settings, comparing this with another remote site that they can get traffic to fine from the same source.