[j-nsp] vSRX Policy-based VPNs - unsupported platform
Jed Laundry
jlaundry at jlaundry.com
Fri Jul 15 03:28:32 EDT 2016
Hi Folks,
I'm looking at converting our aged hardware SRX's onto vSRX, but I
seem to have hit a big scary warning when staging config for
policy-based VPNs, see below:
security {
policies {
from-zone zone-lab to-zone zone-internet {
policy policy-test-ipsec {
match {
source-address addr-lab-testbox;
destination-address addr-remote-testbox;
application any;
}
then {
permit {
##
## Warning: configuration block ignored:
unsupported platform (vsrx)
##
tunnel {
ipsec-vpn vpn-remote;
}
}
}
This is vSRX 15.1X49-D40.6 on VMware. It's just the trial version, I
haven't bought a licence yet.
I haven't yet been able to test if this does or doesn't work (next
week), but the warning doesn't look good.
Is anyone else using vSRX with policy-based VPNs?
Is there something fundamental that I've missed, or a configuration
tweak necessary to convert 12.1 config to 15.1?
Thanks,
Jed.
More information about the juniper-nsp
mailing list