[vpn-help] Juniper SSG HowTo Subnet Mask
Lars Vik
lars at 3056.net
Sat Mar 2 14:15:34 CST 2013
OK, I am just trying to understand what you are trying to accomplish. It
is from the VPN client you want to ping/access the devices on the subnet
from, right? Usually, well at least on SSG, you have security zones,
trust, dmz, untrust, etc. The VPN clients will come from the untrust
zone. You will need to use a different subnet for the VPN clients, and
add policies to allow traffic from untrust (VPN-dialup) to (and from)
the different zones and subnets. You can set granular access on
tunnels/IKE level.
On 02.03.2013 20:17, info wrote:
> For tech support purposes I need to "see" or be able to ping all
> devices on the subnet. They typically have web browser interfaces, and
> plugging in 10.1.X.YY for example, will take me right there for me to
> access.
>
> -Dennis
>
>
> -------- Original Message --------
>> Why would you want anything but a /32 to a VPN client IP?
>>
>> Sent from my iPhone
>>
>> On 2. mars 2013, at 17:44, info <info at customautomation.com
>> <mailto:info at customautomation.com>> wrote:
>>
>>> Hello All,
>>>
>>> I just implemented the SSG HowTo, using a Juniper SSG5 and Shrew VPN
>>> Client 2.1.7, and it works as advertised thank you. The rub is that
>>> the assigned IP address coming from the SSG IP Pool to my PC has a
>>> subnet mask of 255.255.255.255. I'd like it to be 255.255.0.0. I
>>> assume this is controlled by the SSG, but don't see an obvious
>>> setting for it. Anybody have suggestions?
>>>
>>> Thanks,
>>> -Dennis
>>> _______________________________________________
>>> vpn-help mailing list
>>> vpn-help at lists.shrew.net <mailto:vpn-help at lists.shrew.net>
>>> https://lists.shrew.net/mailman/listinfo/vpn-help
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20130302/7e7969c2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4444 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20130302/7e7969c2/attachment.bin>
More information about the vpn-help
mailing list