[vpn-help] Juniper SSG5 VPN connect Issue

Stian Jordet liste at jordet.net
Wed Mar 24 05:10:52 CDT 2010

Den 15.03.2010 18:22, skrev Luke LeBoeuf:
> Matt,
>       Thanks again. That worked! the tunnel is now established, but now I
> can not seem to get to any device on the VPN network. The tunnel shows
> up, the firewall logs show a good connection, but I can not navigate to
> any devices on the gateway side (i.e. rdp, netbios, ssh, etc.) Any
> ideas? Do I need to add additional policies that allow all traffic to
> certain devices? I thought the vpn policy would have taken care of that
> ( Source = DialupVPN to Internal-net ( any service, none
> (all) application, action=tunnel, tunnel=vpnclient_tunnel). The VPN rule
> is at the top of the list for the inbound (untrust to trust) rules, is
> that acceptable?

If your vpn-tunnel is coming in on an interface on your Untrust virtual 
router, you need to either enable "Auto Export Route to Untrust-VR" on 
your Trust-VR, or manually set up destination routing in your Untrust-VR.

If your tunnel is coming in on the same virtual router as the network 
you are trying to reach, I don't know what's wrong, but you can debug it 
with debug flow basic.


More information about the vpn-help mailing list