[vpn-help] Does ShrewSoft VPN client work with Juniper SSG20 Firmware v6.1?

Marcus Macro macro.marcus at gmail.com
Sat Mar 26 07:58:54 CDT 2011


Hi ShrewSoft Team,

I'm trying to get the ShrewSoft VPN client to work with my Juniper SSG20
(Firmware v6.1), but am encountering errors when I try to connect.

I've exactly followed the directions here:
http://www.shrew.net/support/wiki/HowtoJuniperSsg

When setting up the VPN client config, I used the example config file and
just tweaked the user/pass/presharedkey/ids/IP settings to match my setup:
http://www.shrew.net/static/howto/JuniperSsg/juniperssg.vpn

But when trying to connect, the ShrewSoft VPN client says this:

bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...

And the Juniper logs says this:
Rejected an IKE packet on ethernet0/0 from 99.99.99.99:500 to88.88.88.88:500
with cookies 7393deb8306c7e69 and 0000000000000000 because an initial Phase
1 packet arrived from an unrecognized peer gateway.

It is the same issue that a few people have reported on this forum here, so
it seems to not be a completely unique problem
http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/VPN-clients-for-64-bit-OS-I-continue-to-get-phase-1-errors/td-p/35123

I would really love some help with this issue, as I don't have a whole lot
of sys admin experience and can't find much documentation online - any
advice at all would be helpful. I've posted all my system details below.

Many thanks
-Marcus

////////////////////////////
// SYSTEM DETAILS
////////////////////////////

*VPN Client Version*
ShrewSoft VPN Client 2.1.7

*Windows OS Version*
Win7 Professional 32bit

*Gateway Make/Model?*
Juniper SSG20

*Gateway OS Version*
Hardware Version: 710(0)
Firmware Version: 6.1.0r2.0 (Firewall+VPN)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110326/007db9c0/attachment-0001.html>


More information about the vpn-help mailing list