[j-nsp] SSG Issue

Dan Goscomb dang at goscomb.net
Mon Oct 6 13:00:48 EDT 2008


Hi All

Not sure if this is really the place, but I'm stumped.

I have a dialup VPN set up with NetScreen-Remote. All auths fine and
NetScreen-Remote says it's connected. The bi-directional VPN policy is
set, exactly as in the docs, to tunnel traffic.

    ID From     To       Src-address  Dst-address  Service Action State   ASTLCB
    12 Trust    Untrust  10.1.2.0/24  Dial-Up VPN  ANY     Tunne~ enabled ---X-X
    11 Untrust  Trust    Dial-Up VPN  10.1.2.0/24  ANY     Tunne~ enabled ---X-X


However, that policy logs all the traffic as dropped with "Close - RESP"
or "Traffic Denied".

PID 11, from Untrust to Trust, src Dial-Up VPN, dst 10.1.2.0/24, service ANY, action Tunnel
Total traffic entries matched under this policy = 61
==============================================================================================
Date       Time       Duration Source IP        Port Destination IP   Port Service       SessionID
Reason                         Xlated Src IP    Port Xlated Dst IP    Port ID
==============================================================================================
2008-10-07 00:56:59    0:00:00 192.168.90.1    49215 10.1.2.6         3389 TCP PORT 3389 0
Traffic Denied                 0.0.0.0             0 0.0.0.0             0


Has anyone seen this before and knows a quick fix?

Cheers

Dan
