[vpn-help] Juniper SRX210 NAT-T problems
Kevin VPN
kvpn at live.com
Wed Jul 20 21:03:18 CDT 2011
On 07/05/2011 05:06 AM, Gergely Kiss wrote:
> Dear List!
>
> I'm having problems while connecting to a Juniper SRX210 firewall
> running JunOS 11.1R1.10. I'm using the latest stable Shrewsoft client
> (2.1.7) on Windows 7 (but the issue happens on Windows XP, too).
>
> If I try to connect from a device with a public IP-address, like a
> mobile broadband connection (without using NAT-T), everything works
> perfectly, but if I connect through a NAT device (Linksys WRT54GS), the
> connection works only for 6-7 minutes and then it terminates with no
> particular reason (the error message is: "session terminated by gateway").
>
...
>
> I already tried debugging both ends, but I found nothing helpful in the
> logs (except some "config packet ignored" messages on the client). I
> already tried upgrading to the latest beta release (2.2.0-beta-1), but
> the issues still exists.
>
Hi Gergely,
It might be that the Dead Peer Detection is somehow failing... that
usually is 5 minutes or so. When you did the debug trace, did you see
DPD messages (DPDV1-R-U-THERE) going back and forth?
You could try disabling Dead Peer Detection in the Shrew site
configuration...
More information about the vpn-help
mailing list