[j-nsp] Netscreen Remote VPN Client behind NAT

Alexander Shikoff minotaur at crete.org.ua
Mon Nov 23 09:45:06 EST 2009


Hello!

I'm trying to make VPN connection to Juniper J2320 with secure VPN client 
located behind NAT.

Phase 1 is completed successfully and I get login/password prompt in client.
But authentication fails: In debug on J-box I see errors:
Nov 23 13:52:22 unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Invalid packet len NAT-T IKE packet, Localip = 194.247.174.33:4500Remoteip = 91.200.193.94:55266
Nov 23 13:52:38 unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Invalid packet len NAT-T IKE packet, Localip = 194.247.174.33:4500Remoteip = 212.40.56.138:4500

NAT traversal is enabled on J2320.

Did anybody have success with running Netscreen-remote VPN client behind NAT?
Thanks in advance!

-- 
MINO-RIPE


More information about the juniper-nsp mailing list