[j-nsp] Site-To-Site VPN woes again
Mattias Gyllenvarg
mattias at gyllenvarg.se
Fri May 2 09:33:13 EDT 2014
Hi All
I have been cracking my skull on this one for a while now and I am not
getting anywhere I want to go. So, here is a nut for anyone proficient in
Site-To-Site VPN with PKI and Distinguished names on SRX.
TLDR; New installation of a setup I already have working on a global scale.
Only difference in HW is a SRX210HE2 as HUB compared to a 240 in the
working installation.
Error is NO proposal chosen. I get this even if I try it with static IPs
and PSK.
Junos is [12.1X44-D20.3]
Waiting to try [12.1X44-D30.4] but I dont have it yet.
So, I have double checked the proposals (they come from a template) many
times.
Removed and reapplied all security config. Reloaded and so on.
st0.0 is in trusted and all policies are in place.
Can't find a known bug or deeper troubleshooting help then check your
proposals, for this error.
--
*Best Regards*
*Mattias Gyllenvarg*
More information about the juniper-nsp
mailing list