Re: mutiple untrust adsl , from trust to untrust only Translated Source...
Hi,First, I setup ethernet0/1 (1.1.1.254/24 ) & ethernet0/2 (2.2.2.254/24) Secound, I setup ethernet1/0 (3.3.3.254/24) and MIP --> NAT Policytks
View ArticleDial-up VPN to SSG-350 (site to site VPN)
Hello, A dialup VPN client want to access some services in one of the VPN sites. Dialup VPN Client <----------> Site A <----------> Site B172.31.99.63 192.168.135.0/24...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello, On Site A, Is dial up VPN using same interface to terminate as that of Site to Site VPN with B? Regards, Rushi
View ArticleClik here to view.
Re: Dial-up VPN to SSG-350 (site to site VPN)
Hello, I think one of these two tunnels should be route based VPN. Regards, Rushi
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Can I make another route based tunnel in the same outgoing interface?
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello, For the same peer B when policy based with peer B is active? No. Regards, Rushi
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello Rtilak, Sorry, I don't get your meaning. Do you mean Site A to Site B Policy based active or not?It is in active state. Site A (single subnet) is accessing Site B (mulit subnets). All of these...
View ArticleRe: mutiple untrust adsl , from trust to untrust only Translated Source...
Sorry for the confustion, I am asking about your security policy setup. Your MIP security policy should be before your general internet policy on this menu: Policy > Policies Trust to Untrust Also...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello, You can have combination of route & policy based tunnel using same external interface. Regards, Rushi
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello, Could you show me what configuration that I need to do?Will it cause the existing tunnel temporary disconnected during the reconfiguration? Thanks
View ArticleRoute Sync in ISG
For the command - "set nsrp rto-mirror route", if we are using VSD-ID 1 (one VSD only). Can i go ahead with this command Or the VSD-ID have to have be 0. If so, is there any other way to sync the...
View ArticleRe: Route Sync in ISG
This command is only supported for vsd 0. https://kb.juniper.net/InfoCenter/index?page=content&id=KB15690
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hi, I hope, nothing would have been changed in the config. Can you please get the below information: 1: get sa2: get sa id <id number of the dialup vpn from the previous command> , e.g. get sa id...
View ArticleRe: mutiple untrust adsl , from trust to untrust only Translated Source...
Policies are fine. This sounds more like a routing issue. In order for trust to untrust traffic to use the MIP, the egress interface has to be the one that the MIP is configured on. In this case, it...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
You are probably going to want to do a route based dial up VPN. Think of this as a hub and spoke VPN, with the dial up client being one of the spokes. Also, you are going to want to configure an IP...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello Vikassingh Dialup VPN Client <----------> Site A <----------> Site B172.31.99.63 192.168.135.0/24 192.168.96.0/20 I tried to add untrust to untrust policy in...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
I understand that below is your client tunnel: HEX ID Gateway Port Algorithm SPI Life:sec kb Sta PID vsys0000801b< 223.197.162.232 500 esp:3des/sha1...
View ArticleRe: Dial-up VPN to SSG-350 (site to site VPN)
Hello Vikas, I made two filter1. 172.31.99.63 to 192.168.135.1.2. 172.31.99.63 to 192.168.99.109 In firewall policy, I found below traffic flow.you can refer to the attachment Thanks,Kay
View Article