[j-nsp] Netscreen vpn

Stefan Fouant sfouant at gmail.com
Sat May 17 12:22:33 EDT 2008


'get interface' from the CLI or 'Network > Interfaces' from the WebUI.

Stefan Fouant

On Sat, May 17, 2008 at 12:16 PM, sunnyday <cscosunny at gmail.com> wrote:
> And another question how can I tell to which zone the tunnel interface is
> bound?
>
> -----Original Message-----
> From: Stefan Fouant [mailto:sfouant at gmail.com]
> Sent: Saturday, May 17, 2008 6:58 PM
> To: sunnyday
> Cc: Juniper-Nsp; nn at compsoc.com
> Subject: Re: [j-nsp] Netscreen vpn
>
> There is just not enough information supplied to determine the
> problem.  Is the tunnel interface bound to the Trust zone, or the
> Untrust zone?  If it's bound to the Trust zone and you haven't
> explicity blocked intrazone traffic then you don't need a policy.  Are
> you using any other Virtual-Routers other than the Trust-VR?  If so,
> you'll need to configure Inter-VR routing.  Have you enabled ping on
> the Trust interface?  I think it's enabled by default on the Trust
> interface but you might want to double check.  Can you describe your
> configuration in more detail?
>
> Stefan Fouant
>
> On Sat, May 17, 2008 at 6:02 AM, sunnyday <cscosunny at gmail.com> wrote:
>>
>>
>> Hello I have configured a dialup vpn and successfully created the tunnel
> and
>> received ip address but I cannot manage to ping the netscreen`s
>>
>> Trust interface. The ip address the vpn has is 10.250.250.1 and the trust
>> interface is 192.168.10.1. I  tried with static routes and  policies
>>
>> With no result  can you please help me out with this one?
>>
>> Thank you
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
>


More information about the juniper-nsp mailing list