[Vpn-help] Netscreen/Juniper xauth
Matthew Grooms
mgrooms at shrew.net
Tue Jan 22 23:51:29 CST 2008
James Angi wrote:
> I’m having trouble getting a tunnel to work between Shrew and Netscreen
> running ScreenOS 5.1. The netscreen is complaining that a phase2 packet
> was sent while xauth was pending. Any ideas? I found the Juniper guide
> in the list archives and that is how I setup my config. I’ve tried
> various combination, and although it’s a completely different error I
> can’t get a non-xauth tunnel up either.
>
James,
The only problem I see with the log output you sent are the following
lines ...
ii : received xauth result
!! : user test authentication failed
I don't understand this as the gateway has sent config information as if
the authentication has succeeded. Have you double checked the Xauth user
name and password you configured for testing?
The only Juniper gateway I have in my lab is an SSG which runs a later
version of code ( 5.4.0 ). I can confirm that both the 2.0.3 and 2.1.0
client builds work well with this device using Xauth. I have also setup
the 2.1.0 alpha 5 version for a client of mine using a 5GT ( 5.0.0 code
) which seems to work well. The later version has quite a few bug fixes
and improvements over the 2.0.3 version even though it is marked alpha.
Have you tried this out yet?
Thanks,
-Matthew
More information about the vpn-help
mailing list