[j-nsp] IPSEC VPN

Mohammad Khalil eng.mssk at gmail.com
Wed Apr 18 02:34:12 EDT 2018


Hi all and thanks for the reply
I have the policy in place but forgot to add it:
set security zones security-zone untrust interfaces st0.1
host-inbound-traffic system-services snmp
set security zones security-zone untrust interfaces st0.1
host-inbound-traffic system-services snmp-trap

set security zones security-zone untrust host-inbound-traffic
system-services snmp
set security zones security-zone untrust host-inbound-traffic
system-services snmp-trap


On 17 April 2018 at 13:00, Louis Kowolowski <louisk at cryptomonkeys.org>
wrote:

> On Apr 17, 2018, at 2:03 AM, Mohammad Khalil <eng.mssk at gmail.com> wrote:
>
>
> Hi all
>
> I have configured an IPSEC between my SRX210 and a provider who will
> provide monitoring services
> The IPSEC is up and running and I can reach from my internal servers (LAN)
> to their monitoring servers (remote LAN) via ICMP , but they cannot pull
> any data through my SNMP
> I have configured the needed (I guess!) and do not know what is blocking
> data polling
>
> *set snmp community bbc2k4 clients 65.198.233.4/32
> set security zones security-zone untrust interfaces
> st0.1 host-inbound-traffic system-services snmpset security zones
> security-zone untrust interfaces st0.1 host-inbound-traffic system-services
> snmp-trap*
>
> If you don't have it, I think you probably need some security policy to
> allow the traffic through the SRX.
>
>
> --
> Louis Kowolowski                                louisk at cryptomonkeys.org
> Cryptomonkeys:                                   http://www.cryptomonkeys.
> com/
>
> Making life more interesting for people since 1977
>
>


More information about the juniper-nsp mailing list