[j-nsp] SRX 300 VPN

Louis Kowolowski louisk at cryptomonkeys.org
Thu May 24 18:44:29 EDT 2018 

This may not work on Junos 18, I haven't done anything with it since Junos 12), and it doesn't use any native clients, but I got it working following this
https://www.cryptomonkeys.com/2013/10/juniper-srx-mobile-ipsec/ <https://www.cryptomonkeys.com/2013/10/juniper-srx-mobile-ipsec/>


> On May 24, 2018, at 2:46 PM, Łukasz Trąbiński <lukasz at trabinski.net> wrote:
> 
> Hi
> 
> I’m trying setup dynamic VPN (using 18.1R1.9) on SRX 300 - I want to have access from internet to my home network.
> 
> First, I’m confused about vpn client. Should I use Junos Pulse?  I’t looks like not supported by Juniper right now (latest version is from 2015).  Should I use Pulse Secure?
> I’ts possible to use „native” vpn client from mac os x or Windows?  I also found information that Dynamic VPN is not supported on new SRX boxes.
> If it still supported, where I can find newest documentation how to correctly setup?
> 
> Of course I tried confgiure vpn tunel but without success. Below, fragment form logs / trace debug:
> 
> [May 21 10:48:38]IKEv1 packet R(<none>:500 <- xx.xx.xx.xx :500): len=   40, mID=125b77cb, HDR, N(NO_PROPOSAL_CHOSEN)
> [May 21 10:48:38]ike_st_i_n: Start, doi = 1, protocol = 1, code = No proposal chosen (14), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ...
> [May 21 10:48:38]<none>:500 (Responder) <-> xx.xx.xx.xx:62252 { c14a7f01 1d013489 - 82bf44a1 0fddfa77 [0] / 0x125b77cb } Info; Received notify err = No proposal chosen (14) to isakmp sa, delete it
> 
> Where I can find some examples of proper configuration dynamic vpn for actual version of Junos?
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

--
Louis Kowolowski                                louisk at cryptomonkeys.org <mailto:louisk at cryptomonkeys.org>
Cryptomonkeys:                                   http://www.cryptomonkeys.com/ <http://www.cryptomonkeys.com/>

Making life more interesting for people since 1977

More information about the juniper-nsp mailing list