[j-nsp] SRX to SRX VPN
Fahad Khan
fahad.khan at gmail.com
Wed Sep 15 08:40:18 EDT 2010
"mismatch between remote-net and local-net"
can you elaborate ?
regards
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fahad at pk.ibm.com
+92-301-8247638
Skype: fahad-ibm
http://pk.linkedin.com/in/muhammadfahadkhan
On Wed, Sep 15, 2010 at 5:27 PM, Morten Isaksen <misak at misak.dk> wrote:
> I had the same problem (between a SRX and a Cisco box).
>
> It is most likely a mismatch between remote-net and local-net
> configurations on each router.
>
> Try to enable traceoptions.
>
> edit security ike traceoptions
> [edit security ike traceoptions]
> set file size 1m
> set flag policy-manager
> set flag ike
> set flag routing-socket
> commit
>
> And check the kmd log.
>
> /Morten
>
> On Wed, Sep 15, 2010 at 1:27 PM, Fahad Khan <fahad.khan at gmail.com> wrote:
> > Hi folks,
> >
> > I am trying to establish route based VPN between SRX3600(in Ch cluster)
> and
> > SRX210, but stuck in phase 2 (no proposal chosen)..
> >
> > has any one experienced it??
> >
> > thanks in adv
> >
> > regards,
> >
> > Muhammad Fahad Khan
> > JNCIP - M/T # 834
> > IT Specialist
> > Global Technology Services, IBM
> > fahad at pk.ibm.com
> > +92-301-8247638
> > Skype: fahad-ibm
> > http://pk.linkedin.com/in/muhammadfahadkhan
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
>
>
> --
> Morten Isaksen
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list