[j-nsp] SRX 300 VPN

Łukasz Trąbiński lukasz at trabinski.net
Thu May 24 15:46:24 EDT 2018


I’m trying setup dynamic VPN (using 18.1R1.9) on SRX 300 - I want to have access from internet to my home network.

First, I’m confused about vpn client. Should I use Junos Pulse?  I’t looks like not supported by Juniper right now (latest version is from 2015).  Should I use Pulse Secure?
I’ts possible to use „native” vpn client from mac os x or Windows?  I also found information that Dynamic VPN is not supported on new SRX boxes.
If it still supported, where I can find newest documentation how to correctly setup?

Of course I tried confgiure vpn tunel but without success. Below, fragment form logs / trace debug:

[May 21 10:48:38]IKEv1 packet R(<none>:500 <- xx.xx.xx.xx :500): len=   40, mID=125b77cb, HDR, N(NO_PROPOSAL_CHOSEN)
[May 21 10:48:38]ike_st_i_n: Start, doi = 1, protocol = 1, code = No proposal chosen (14), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ...
[May 21 10:48:38]<none>:500 (Responder) <-> xx.xx.xx.xx:62252 { c14a7f01 1d013489 - 82bf44a1 0fddfa77 [0] / 0x125b77cb } Info; Received notify err = No proposal chosen (14) to isakmp sa, delete it

Where I can find some examples of proper configuration dynamic vpn for actual version of Junos?

More information about the juniper-nsp mailing list