[j-nsp] SRX 300 VPN

Roger Wiklund roger.wiklund at gmail.com
Fri May 25 14:37:54 EDT 2018


Juniper sold Junos Pulse and that became Pulse Secure.

The SRX300 supports SSL VPN but requires the third party NCP client (not
free).

For "free" SSL VPN use OpenVPN or download Pulse Connect Secure VM: (no
time limit, 3 users)

https://www.pulsesecure.net/trynow/pulse-connect-secure/
https://www.pulsesecure.net/trynow/client-download/

For IKEv2 both Windows 10 and Mac OS X clients should work.

Did you try this config?

https://www.juniper.net/documentation/en_US/junos/topics/example/vpn-security-dynamic-example-configuring.html








On Fri, May 25, 2018 at 12:44 AM, Louis Kowolowski <louisk at cryptomonkeys.org
> wrote:

> This may not work on Junos 18, I haven't done anything with it since Junos
> 12), and it doesn't use any native clients, but I got it working following
> this
> https://www.cryptomonkeys.com/2013/10/juniper-srx-mobile-ipsec/ <
> https://www.cryptomonkeys.com/2013/10/juniper-srx-mobile-ipsec/>
>
>
> > On May 24, 2018, at 2:46 PM, Łukasz Trąbiński <lukasz at trabinski.net>
> wrote:
> >
> > Hi
> >
> > I’m trying setup dynamic VPN (using 18.1R1.9) on SRX 300 - I want to
> have access from internet to my home network.
> >
> > First, I’m confused about vpn client. Should I use Junos Pulse?  I’t
> looks like not supported by Juniper right now (latest version is from
> 2015).  Should I use Pulse Secure?
> > I’ts possible to use „native” vpn client from mac os x or Windows?  I
> also found information that Dynamic VPN is not supported on new SRX boxes.
> > If it still supported, where I can find newest documentation how to
> correctly setup?
> >
> > Of course I tried confgiure vpn tunel but without success. Below,
> fragment form logs / trace debug:
> >
> > [May 21 10:48:38]IKEv1 packet R(<none>:500 <- xx.xx.xx.xx :500): len=
>  40, mID=125b77cb, HDR, N(NO_PROPOSAL_CHOSEN)
> > [May 21 10:48:38]ike_st_i_n: Start, doi = 1, protocol = 1, code = No
> proposal chosen (14), spi[0..0] = 00000000 00000000 ..., data[0..0] =
> 00000000 00000000 ...
> > [May 21 10:48:38]<none>:500 (Responder) <-> xx.xx.xx.xx:62252 { c14a7f01
> 1d013489 - 82bf44a1 0fddfa77 [0] / 0x125b77cb } Info; Received notify err =
> No proposal chosen (14) to isakmp sa, delete it
> >
> > Where I can find some examples of proper configuration dynamic vpn for
> actual version of Junos?
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>
> --
> Louis Kowolowski                                louisk at cryptomonkeys.org
> <mailto:louisk at cryptomonkeys.org>
> Cryptomonkeys:
> http://www.cryptomonkeys.com/ <http://www.cryptomonkeys.com/>
>
> Making life more interesting for people since 1977
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list