[Vpn-help] Probelems with Setting Up IPsec VPN Tunnel with Juniper SSG 5

Ali Akbar Sohanghpurwala ali at concorr.com
Mon May 25 11:15:13 CDT 2009


First let me clarify that I am new to this and may not know what I am talking about.  However, I need to setup a tunnel from my laptop running Vista 64 to the Juniper Firewall of our business.

I had initially installed version  2.1.4 of the client and later installed 2.1.5-beta with the same results.
I followed the HowtoJuniperSsg article and setup up the Juniper SSG 5 device and the client.  When I initiate the connection, the tunnel is created.  On the Policy log of the Juniper device I can see that the laptop is sending packets to the DNS Server (Microsoft Small Business Server 2008) in our subnet.  However, there is no reply from the subnet.  I am also not able to ping anything inside the subnet.  When I ping, the Policy log on the Juniper Device shows the ICMP packet was allowed through but no response from the subnet.  I checked the log for all outgoing packets from the Policy that allows access from the subnet to the internet and found no trace of a response.

My Subnet is 192.168.16.0/24
I am trying to connect from my house which as a subnet of 192.168.1.0/24

I have NAT on both ends and I can see on the Juniper log that the NATs are been detected.

The Juniper device shows that the tunnel is down although the policy shows packets passing through.

The Juniper device correctly assigns IP address the laptop from the IP Pool.

On the Policy tab of the client I have included the following Remote Network Resource 192.168.16.0/255.255.255.0 and unchecked both the Maintain Persistent Security Associations and Obtain Topology Automatically or Tunnel All.

With the exception of the tunnel the Juniper device seems to be working fine, I can access the internet from the subnet, I can connect using RWW from a remote site to the SBS 2008 Server, and also VPN (PPTP) directly to the SBS 2008 Server.

What am I doing wrong and what information would be required to troubleshoot?

Thanks in advance for your help.

Ali

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20090525/af7da177/attachment-0001.html>


More information about the vpn-help mailing list