[vpn-help] Juniper SSG5 VPN connect Issue
liste at jordet.net
Wed Mar 24 05:10:52 CDT 2010
Den 15.03.2010 18:22, skrev Luke LeBoeuf:
> Thanks again. That worked! the tunnel is now established, but now I
> can not seem to get to any device on the VPN network. The tunnel shows
> up, the firewall logs show a good connection, but I can not navigate to
> any devices on the gateway side (i.e. rdp, netbios, ssh, etc.) Any
> ideas? Do I need to add additional policies that allow all traffic to
> certain devices? I thought the vpn policy would have taken care of that
> ( Source = DialupVPN to Internal-net (192.168.1.0/24) any service, none
> (all) application, action=tunnel, tunnel=vpnclient_tunnel). The VPN rule
> is at the top of the list for the inbound (untrust to trust) rules, is
> that acceptable?
If your vpn-tunnel is coming in on an interface on your Untrust virtual
router, you need to either enable "Auto Export Route to Untrust-VR" on
your Trust-VR, or manually set up destination routing in your Untrust-VR.
If your tunnel is coming in on the same virtual router as the network
you are trying to reach, I don't know what's wrong, but you can debug it
with debug flow basic.
More information about the vpn-help