<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:Verdana;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p
        {mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0cm;
        mso-margin-bottom-alt:auto;
        margin-left:0cm;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Ballontekst Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";}
span.E-mailStijl18
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.BallontekstChar
        {mso-style-name:"Ballontekst Char";
        mso-style-priority:99;
        mso-style-link:Ballontekst;
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=NL link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Erik, Team,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I have installed the 2.1.7 client..<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>This one also fails..<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>The netscreen shows the following messages..<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:52 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Negotiations have failed. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:52 info Rejected an IKE packet on untrust from 82.161.95.113:61482 to 217.96.42.114:4500 with cookies 0fd4b672c9f148d3 and 67b7d653f9c370e9 because There were no acceptable Phase 2 proposals.. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:52 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Responded to the peer's first message. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:47 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Negotiations have failed. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:47 info Rejected an IKE packet on untrust from 82.161.95.113:61482 to 217.96.42.114:4500 with cookies 0fd4b672c9f148d3 and 67b7d653f9c370e9 because There were no acceptable Phase 2 proposals.. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:47 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Responded to the peer's first message. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:42 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Negotiations have failed. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:42 info Rejected an IKE packet on untrust from 82.161.95.113:61482 to 217.96.42.114:4500 with cookies 0fd4b672c9f148d3 and 67b7d653f9c370e9 because There were no acceptable Phase 2 proposals.. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:42 info IKE 82.161.95.113 Phase 2 msg ID 0446a455: Responded to the peer's first message. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE 82.161.95.113: XAuth login was passed for gateway shrew-vpn-gateway, username willem, retry: 0, Client IP Addr 192.168.255.10, IPPool name: shrew-Pool, Session-Timeout: 0s, Idle-Timeout: 0s. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE 82.161.95.113: XAuth login was refreshed for username willem at 192.168.255.10/255.255.255.255. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info Rejected an IKE packet on untrust from 82.161.95.113:61482 to 217.96.42.114:4500 with cookies 0fd4b672c9f148d3 and 67b7d653f9c370e9 because A Phase 2 packet arrived while XAuth was still pending. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE 82.161.95.113 Phase 1: Completed Aggressive mode negotiations with a 28800-second lifetime. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE 82.161.95.113 Phase 1: Completed for user Shrew-vpn-user. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE<82.161.95.113> Phase 1: IKE responder has detected NAT in front of the remote device. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:39 info IKE<82.161.95.113> Phase 1: IKE responder has detected NAT in front of the local device. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:38 info IKE 82.161.95.113 phase 1:The symmetric crypto key has been generated successfully. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>2013-07-04 20:08:38 info IKE 82.161.95.113 Phase 1: Responder starts AGGRESSIVE mode negotiations.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I check my phase 2 settings..<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>On the client: <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:version:4<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-ike-port:500<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-mtu-size:1380<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-addr-auto:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-natt-port:4500<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-natt-rate:15<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-frag-size:540<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-dpd-enable:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-banner-enable:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:network-notify-enable:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-dns-used:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-dns-auto:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-dns-suffix-auto:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-splitdns-used:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-splitdns-auto:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-wins-used:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:client-wins-auto:1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase1-dhgroup:2<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase1-life-secs:28800<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase1-life-kbytes:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:vendor-chkpt-enable:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase2-life-secs:3600<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase2-life-kbytes:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:policy-nailed:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:policy-list-auto:0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase1-keylen:128<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase2-keylen:128<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:network-host:a.b.c.d<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:client-auto-mode:push<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:client-iface:virtual<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:network-natt-mode:enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:network-frag-mode:enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:auth-method:mutual-psk-xauth<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:ident-client-type:ufqdn<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:ident-server-type:fqdn<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:ident-client-data:user@fqdn<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:ident-server-data:domainname<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>b:auth-mutual-psk:MmcwMEQyYmU=<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:phase1-exchange:aggressive<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:phase1-cipher:3des<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:phase1-hash:sha1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:phase2-transform:esp-3des<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:phase2-hmac:sha1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:ipcomp-transform:disabled<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>n:phase2-pfsgroup:-1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:policy-level:auto<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>s:policy-list-include:192.168.30.0 / 255.255.255.0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>On the netscreen:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset key protection enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set clock ntp<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set clock timezone 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set clock dst recurring start-weekday 3 0 3 02:00 end-weekday 3 0 10 02:00<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter trust-vr sharable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "untrust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset auto-route-export<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set alg appleichat enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset alg appleichat re-assembly enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set alg sctp enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set auth-server "Local" id 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set auth-server "Local" server-name "Local"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set auth default auth server "Local"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set auth radius accounting port 1646<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin name "support"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin password "nNx2MBrLIXzOcHAP8sJHT7CtbCGjCn"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin manager-ip 192.168.0.0 255.255.0.0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin manager-ip 212.104.197.64 255.255.255.224<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin manager-ip 83.232.94.8 255.255.255.248<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin manager-ip 82.161.95.113<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin auth web timeout 10<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin auth server "Local"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set admin format dos<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Trust" vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "VLAN" vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust-Tun" vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Trust" tcp-rst <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset zone "Untrust" block <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset zone "Untrust" tcp-rst <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "MGT" block <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset zone "V1-Trust" tcp-rst <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset zone "V1-Untrust" tcp-rst <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "VLAN" tcp-rst <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" screen tear-drop<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" screen syn-flood<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" screen ping-death<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" screen ip-filter-src<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "Untrust" screen land<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "V1-Untrust" screen tear-drop<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "V1-Untrust" screen syn-flood<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "V1-Untrust" screen ping-death<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "V1-Untrust" screen ip-filter-src<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set zone "V1-Untrust" screen land<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface "trust" zone "Trust"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface "untrust" zone "Untrust"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface "tunnel.1" zone "Untrust"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 ip<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust ip 192.168.30.252/24<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust nat<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust ip 217.96.42.114/30<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust route<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface tunnel.1 ip unnumbered interface untrust<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 bypass-others-ipsec<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 bypass-non-ip<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 bypass-ipv6-others-ipsec<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface vlan1 bypass-icmpv6-ndp<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface vlan1 bypass-icmpv6-mld<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 bypass-icmpv6-mrd<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface vlan1 bypass-icmpv6-msp<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface vlan1 bypass-icmpv6-snd<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust ip manageable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust ip manageable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust manage ping<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust manage ssh<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust manage web<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface untrust vip interface-ip 25 "MAIL" 192.168.1.1 manual<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust dhcp server service<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust dhcp server auto<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust dhcp server option lease 360 <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set interface trust dhcp server ip 192.168.30.10 to 192.168.30.100 <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset interface trust dhcp server config next-server-ip<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set flow tcp-mss 1300<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set flow path-mtu<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset flow tcp-syn-check<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset flow tcp-syn-bit-check<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set flow reverse-route clear-text prefer<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set flow reverse-route tunnel always<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set domain polen.local<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set hostname FW-Polen<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set dbuf usb filesize 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set pki authority default scep mode "auto"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set pki x509 default cert-path partial<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set dns host dns1 192.168.1.1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set dns host schedule 06:28<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Trust" "LAN_polen" 192.168.30.0 255.255.255.0 "jhe 28-02-2007"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Untrust" "192.168.255.0/24" 192.168.255.0 255.255.255.0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Untrust" "Internet LAN" a.b.c.d 255.255.255.252 "jhe 28-02-2007 "<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Untrust" "Internet Router" a.d.c.d 255.255.255.255 "jhe 28-02-2007"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Untrust" "LAN_Andelst" 192.168.1.0 255.255.255.0 "jhe 28-02-2007"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set address "Untrust" "LAN_Waldheim" 192.168.10.0 255.255.255.0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ippool "shrew-Pool" 192.168.255.10 192.168.255.20<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Erik" uid 2<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Erik" ike-id u-fqdn "user@fqdn" share-limit 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Erik" type ike<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Erik" "enable"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Martin" uid 4<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Martin" ike-id u-fqdn "user@fqdn" share-limit 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Martin" type ike<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Martin" "enable"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Shrew-vpn-user" uid 3<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Shrew-vpn-user" ike-id u-fqdn "user@fqdn" share-limit 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Shrew-vpn-user" type ike<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "Shrew-vpn-user" "enable"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "willem" uid 7<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "willem" type xauth<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "willem" remote ippool "shrew-Pool"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "willem" password <deleted><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset user "willem" type auth<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user "willem" "enable"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user-group "Shrew-VPN-Users" id 3<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user-group "Shrew-VPN-Users" user "Shrew-vpn-user"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user-group "VPN-Users" id 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user-group "VPN-Users" user "Erik"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set user-group "VPN-Users" user "Martin"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set crypto-policy<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" address a.b.c.d Main outgoing-interface "untrust" preshare "zd/EX7JdNV+6ktsdzfC/5wmx/9nBVvDh6w==" sec-level compatible<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" nat-traversal<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" nat-traversal udp-checksum<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" nat-traversal keepalive-frequency 5<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "GW_vpn-user" dialup "VPN-Users" Aggr local-id "GW_vpn-user" outgoing-interface "untrust" preshare "KnhedI6qNvbKv1s+8zCiscjFEjn/V6Y2DA==" proposal "pre-g2-3des-sha" "pre-g2-3des-md5"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike gateway "GW_vpn-user" nat-traversal udp-checksum<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "GW_vpn-user" nat-traversal keepalive-frequency 5<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Waldheim" address 0.0.0.0 id "Waldheim" Aggr local-id "Polen" outgoing-interface "untrust" preshare "qy7AixgQNWCzossSZlCIaTfix8nlznNHpQ==" sec-level compatible<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike gateway "Gateway for LAN_Waldheim" nat-traversal udp-checksum<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Waldheim" nat-traversal keepalive-frequency 5<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "shrew-vpn-gateway" dialup "Shrew-VPN-Users" Aggr local-id "shrew.polen.pl" outgoing-interface "untrust" preshare "aXe1Ag/hNyCAtns/3KC1vMPOumnB6zMGag==" proposal "pre-g2-3des-sha"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "shrew-vpn-gateway" dpd-liveness interval 30<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike gateway "shrew-vpn-gateway" nat-traversal udp-checksum<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "shrew-vpn-gateway" nat-traversal keepalive-frequency 20<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "shrew-vpn-gateway" xauth server "Local"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike gateway "shrew-vpn-gateway" xauth do-edipi-auth<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike respond-bad-spi 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" heartbeat hello 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Andelst" heartbeat reconnect 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Waldheim" heartbeat hello 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike gateway "Gateway for LAN_Waldheim" heartbeat reconnect 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ike ikev2 ike-sa-soft-lifetime 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike ikeid-enumeration<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ike dos-protection<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ipsec access-session enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ipsec access-session maximum 5000<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ipsec access-session upper-threshold 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ipsec access-session lower-threshold 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ipsec access-session dead-p2-sa-timeout 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ipsec access-session log-error<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ipsec access-session info-exch-connected<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset ipsec access-session use-error-log<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set xauth default dns1 192.168.30.101<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set xauth default dns2 192.168.30.101<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set xauth default wins1 192.168.30.101<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set xauth default wins2 192.168.30.101<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Tunnel for LAN_Andelst" gateway "Gateway for LAN_Andelst" no-replay tunnel idletime 0 sec-level compatible<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Tunnel for LAN_Andelst" monitor<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "tunnel-vpn-user" gateway "GW_vpn-user" replay tunnel idletime 0 proposal "nopfs-esp-3des-sha"  "nopfs-esp-3des-md5" <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "tunnel-vpn-user" monitor<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Tunnel for LAN_Waldheim" gateway "Gateway for LAN_Waldheim" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha"  "g2-esp-3des-md5"  "g2-esp-des-sha"  "g2-esp-des-md5" <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Tunnel for LAN_Waldheim" monitor<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Shrew-Vpn-Tunnel" gateway "shrew-vpn-gateway" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha" <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Shrew-Vpn-Tunnel" monitor<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Shrew-Vpn-Tunnel" id 0xc bind interface tunnel.1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "untrust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set l2tp "WindowsVPN-l2tp" id 1 outgoing-interface untrust keepalive 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set url protocol websense<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vpn "Shrew-Vpn-Tunnel" proxy-id local-ip 192.168.30.0/24 remote-ip 255.255.255.255/32 "ANY" <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 6 from "Untrust" to "Trust"  "Any-IPv4" "VIP(untrust)" "MAIL" permit log count <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 6 application "SMTP"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 6<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 1 from "Untrust" to "Trust"  "LAN_Andelst" "LAN_polen" "ANY" tunnel vpn "Tunnel for LAN_Andelst" id 0x5 pair-policy 5 log count traffic mbw 1024<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 8 name "LAN_Waldheim" from "Untrust" to "Trust"  "LAN_Waldheim" "LAN_polen" "ANY" tunnel vpn "Tunnel for LAN_Waldheim" id 0x8 pair-policy 9 log count traffic mbw 1024<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 8<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 5 from "Trust" to "Untrust"  "LAN_polen" "LAN_Andelst" "ANY" tunnel vpn "Tunnel for LAN_Andelst" id 0x5 pair-policy 1 log count traffic mbw 1024<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 5<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 9 name "LAN_Waldheim" from "Trust" to "Untrust"  "LAN_polen" "LAN_Waldheim" "ANY" tunnel vpn "Tunnel for LAN_Waldheim" id 0x8 pair-policy 8 log count traffic mbw 1024<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 9<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 0 from "Trust" to "Untrust"  "Any-IPv4" "Any-IPv4" "ANY" permit log count <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 0<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 4 name "vpn-user" from "Untrust" to "Trust"  "Dial-Up VPN IPv4" "LAN_polen" "ANY" tunnel vpn "tunnel-vpn-user" id 0x6 pair-policy 7 log count <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 4<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 7 name "vpn-user" from "Trust" to "Untrust"  "LAN_polen" "Dial-Up VPN IPv4" "ANY" tunnel vpn "tunnel-vpn-user" id 0x6 pair-policy 4 log count <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 7<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 10 from "Untrust" to "Trust"  "192.168.255.0/24" "LAN_polen" "ANY" permit log <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set policy id 10<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set log session-init<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set nsmgmt bulkcli reboot-timeout 60<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ssh version v2<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ssh enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set config lock timeout 5<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset license-key auto-update<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set telnet client enable<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ntp server "46.19.33.5"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ntp server backup1 "81.171.44.131"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set ntp server backup2 "0.0.0.0"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set modem speed 115200<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set modem retry 3<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set modem interval 10<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set modem idle-time 10<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set snmp name "zetten"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set snmp port listen 161<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set snmp port trap 162<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "untrust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>unset add-default-route<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set route 0.0.0.0/0 interface untrust gateway a.b.c.d<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set route 192.168.255.0/24 interface tunnel.1<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "untrust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>set vrouter "trust-vr"<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>exit<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Any help is appreciated.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497D'>Met vriendelijke groet, kind Regards,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497D'>Willem Kutschruiter<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497D'>+31653229596<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Van:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> vpn-help-bounces@lists.shrew.net [mailto:vpn-help-bounces@lists.shrew.net] <b>Namens </b>Erik V<br><b>Verzonden:</b> dinsdag 2 juli 2013 13:33<br><b>Aan:</b> vpn-help@lists.shrew.net<br><b>Onderwerp:</b> [vpn-help] FW: VPN client does not work with Netscreen 5GT 6.2.0r11.0<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Calibri","sans-serif"'>Hi Willem,<br><br>If you install Shrewsoft 2.1.7 client ( It's officially not supported ) and try it agian. <br>Does it pass any traffic then?<br><br><o:p></o:p></span></p><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><o:p> </o:p></span></p><div><div><div style='border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0cm 0cm 0cm;border-color:currentColor currentColor'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Van:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> <a href="mailto:vpn-help-bounces@lists.shrew.net">vpn-help-bounces@lists.shrew.net</a> [<a href="mailto:vpn-help-bounces@lists.shrew.net">mailto:vpn-help-bounces@lists.shrew.net</a>] <b>Namens </b>Willem Kutschruiter<br><b>Verzonden:</b> zondag 30 juni 2013 15:00<br><b>Aan:</b> <a href="mailto:vpn-help@lists.shrew.net">vpn-help@lists.shrew.net</a><br><b>Onderwerp:</b> [vpn-help] VPN client does not work with Netscreen 5GT 6.2.0r11.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p></div></div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>LS,</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>I would appreciate some help..</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>Im using Shrewsoft VPN client version 2.2.1 on windows 8 to connect to a netscreen 5Gt running version 6.2.0r11.0.</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>I can get it to work. </span><span lang=EN-GB style='font-family:Wingdings'>L</span><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>.. It connects but it does not passes any traffic.</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>I have looked and configured as stated on the following links:</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><a href="https://www.shrew.net/support/Howto_Juniper_SSG" target="_blank"><span lang=EN-GB>https://www.shrew.net/support/Howto_Juniper_SSG</span></a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><a href="http://www.the-internet-guy.com/pdf/Juniper_firewall_setup_for_Shrewsoft_VPN_connectivity.pdf" target="_blank">http://www.the-internet-guy.com/pdf/Juniper_firewall_setup_for_Shrewsoft_VPN_connectivity.pdf</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><a href="http://www.the-internet-guy.com/pdf/Shrew_VPN_Client_Setup_for_Juniper_Connectivity.pdf" target="_blank">http://www.the-internet-guy.com/pdf/Shrew_VPN_Client_Setup_for_Juniper_Connectivity.pdf</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><a href="http://kb.juniper.net/InfoCenter/index?page=content&id=KB22074" target="_blank">http://kb.juniper.net/InfoCenter/index?page=content&id=KB22074</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'><a href="http://kb.juniper.net/InfoCenter/index?page=content&id=KB15272" target="_blank">http://kb.juniper.net/InfoCenter/index?page=content&id=KB15272</a><o:p></o:p></span></p><p class=MsoNormal><b><span style='font-family:"Calibri","sans-serif"'> </span></b><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>furthermore I have done a lot of debugging with no positive results.</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>Below the configs.. I have deleted or modified any info which could breach our security.</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>The config of the shrewsoft client side.</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:version:4</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-ike-port:500</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-mtu-size:1380</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-addr-auto:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-natt-port:4500</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-natt-rate:15</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-frag-size:540</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-dpd-enable:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-banner-enable:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:network-notify-enable:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-dns-used:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-dns-auto:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-dns-suffix-auto:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-splitdns-used:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-splitdns-auto:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-wins-used:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:client-wins-auto:1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase1-dhgroup:2</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase1-life-secs:28800</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase1-life-kbytes:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:vendor-chkpt-enable:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase2-life-secs:3600</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase2-life-kbytes:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:policy-nailed:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:policy-list-auto:0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase1-keylen:128</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase2-keylen:128</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:network-host:x.x.x.114</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:client-auto-mode:push</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:client-iface:virtual</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:network-natt-mode:enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:network-frag-mode:enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:auth-method:mutual-psk-xauth</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:ident-client-type:ufqdn</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:ident-server-type:fqdn</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:ident-client-data:user@domain.yy</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:ident-server-data:aa.bb.cc</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>b:auth-mutual-psk:MmcwMEQyYmU=</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:phase1-exchange:aggressive</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:phase1-cipher:3des</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:phase1-hash:sha1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:phase2-transform:auto</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:phase2-hmac:auto</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:ipcomp-transform:disabled</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>n:phase2-pfsgroup:-1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:policy-level:auto</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>s:policy-list-include:192.168.30.0 / 255.255.255.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>the config off the netscreen 5gt..</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>FW-Polen-> get config</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>Total Config size 10407:</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset key protection enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set clock ntp</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set clock timezone 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set clock dst recurring start-weekday 3 0 3 02:00 end-weekday 3 0 10 02:00</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter trust-vr sharable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "untrust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset auto-route-export</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set alg appleichat enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset alg appleichat re-assembly enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set alg sctp enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set auth-server "Local" id 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set auth-server "Local" server-name "Local"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set auth default auth server "Local"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set auth radius accounting port 1646</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin name "support"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin password "nNx2MBrLIXzOcHAP8sJHT7CtbCGjCn"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin manager-ip x.x.0.0 255.255.0.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin manager-ip x.x.x.x 255.255.255.224</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin auth web timeout 10</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin auth server "Local"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set admin format dos</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Trust" vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "VLAN" vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust-Tun" vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Trust" tcp-rst</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset zone "Untrust" block</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset zone "Untrust" tcp-rst</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "MGT" block</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset zone "V1-Trust" tcp-rst</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset zone "V1-Untrust" tcp-rst</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "VLAN" tcp-rst</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" screen tear-drop</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" screen syn-flood</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" screen ping-death</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" screen ip-filter-src</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "Untrust" screen land</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "V1-Untrust" screen tear-drop</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "V1-Untrust" screen syn-flood</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "V1-Untrust" screen ping-death</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "V1-Untrust" screen ip-filter-src</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set zone "V1-Untrust" screen land</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface "trust" zone "Trust"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface "untrust" zone "Untrust"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface "tunnel.1" zone "Untrust"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 ip</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust ip 192.168.30.252/24</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust nat</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust ip x.x.x.114/30</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust route</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface tunnel.1 ip unnumbered interface untrust</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 bypass-others-ipsec</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 bypass-non-ip</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 bypass-ipv6-others-ipsec</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface vlan1 bypass-icmpv6-ndp</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface vlan1 bypass-icmpv6-mld</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 bypass-icmpv6-mrd</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface vlan1 bypass-icmpv6-msp</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface vlan1 bypass-icmpv6-snd</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust ip manageable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust ip manageable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust manage ping</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust manage ssh</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust manage web</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface untrust vip interface-ip 25 "MAIL" 192.168.1.1 manual</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust dhcp server service</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust dhcp server auto</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust dhcp server option lease 360</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set interface trust dhcp server ip 192.168.30.10 to 192.168.30.100</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset interface trust dhcp server config next-server-ip</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set flow tcp-mss 1300</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set flow path-mtu</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset flow tcp-syn-check</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset flow tcp-syn-bit-check</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set flow reverse-route clear-text prefer</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set flow reverse-route tunnel always</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set domain polen.local</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set hostname FW-Polen</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set dbuf usb filesize 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set pki authority default scep mode "auto"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set pki x509 default cert-path partial</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set dns host dns1 192.168.1.1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set dns host schedule 06:28</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Trust" "LAN_Local" 192.168.30.0 255.255.255.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Untrust" "192.168.255.0/24" 192.168.255.0 255.255.255.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Untrust" "Internet LAN" k.l.m.173 255.255.255.252 </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Untrust" "Internet Router" k.l.m.173 255.255.255.255 </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Untrust" "LAN_Remote1" 192.168.1.0 255.255.255.0 </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set address "Untrust" "LAN_Remote2" 192.168.10.0 255.255.255.0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ippool "shrew-Pool" 192.168.255.10 192.168.255.20</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Erik" uid 2</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Erik" ike-id u-fqdn "<a href="mailto:user@domain.xx">user@domain.xx</a>" share-limit 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Erik" type ike</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Erik" "enable"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Martin" uid 4</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Martin" ike-id u-fqdn "<a href="mailto:user@domain.yy">user@domain.yy</a>" share-limit 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Martin" type ike</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Martin" "enable"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Shrew-vpn-user" uid 3</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Shrew-vpn-user" ike-id u-fqdn "<a href="mailto:user@domain.yy">user@domain.yy</a>" share-limit 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Shrew-vpn-user" type ike</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "Shrew-vpn-user" "enable"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "willem" uid 7</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "willem" type xauth</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "willem" remote ippool "shrew-Pool"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "willem" password "JC0Ja8qyNJpwmssZ11CcReMzGlnSWZz1Jg=="</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset user "willem" type auth</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user "willem" "enable"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user-group "Shrew-VPN-Users" id 3</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user-group "Shrew-VPN-Users" user "Shrew-vpn-user"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user-group "VPN-Users" id 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user-group "VPN-Users" user "Erik"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set user-group "VPN-Users" user "Martin"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set crypto-policy</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" address k.l.m.174 Main outgoing-interface "untrust" preshare "zd/EX7JdNV+6ktsdzfC/5wmx/9nBVvDh6w==" sec-level compatible</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" nat-traversal</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" nat-traversal udp-checksum</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" nat-traversal keepalive-frequency 5</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "GW_vpn-user" dialup "VPN-Users" Aggr local-id "GW_vpn-user" outgoing-interface "untrust" preshare "KnhedI6qNvbKv1s+8zCiscjFEjn/V6Y2DA==" proposal "pre-g2-3des-sha" "pre-g2-3des-md5"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike gateway "GW_vpn-user" nat-traversal udp-checksum</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "GW_vpn-user" nat-traversal keepalive-frequency 5</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote2" address 0.0.0.0 id "Waldheim" Aggr local-id "Polen" outgoing-interface "untrust" preshare "qy7AixgQNWCzossSZlCIaTfix8nlznNHpQ==" sec-level compatible</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike gateway "Gateway for LAN_Remote2" nat-traversal udp-checksum</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote2" nat-traversal keepalive-frequency 5</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "shrew-vpn-gateway" dialup "Shrew-VPN-Users" Aggr local-id "aa.bb.cc" outgoing-interface "untrust" preshare "aXe1Ag/hNyCAtns/3KC1vMPOumnB6zMGag==" proposal "pre-g2-3des-sha"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "shrew-vpn-gateway" dpd-liveness interval 30</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike gateway "shrew-vpn-gateway" nat-traversal udp-checksum</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "shrew-vpn-gateway" nat-traversal keepalive-frequency 20</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "shrew-vpn-gateway" xauth server "Local"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike gateway "shrew-vpn-gateway" xauth do-edipi-auth</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike respond-bad-spi 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" heartbeat hello 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote1" heartbeat reconnect 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote2" heartbeat hello 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike gateway "Gateway for LAN_Remote2" heartbeat reconnect 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ike ikev2 ike-sa-soft-lifetime 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike ikeid-enumeration</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ike dos-protection</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ipsec access-session enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ipsec access-session maximum 5000</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ipsec access-session upper-threshold 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ipsec access-session lower-threshold 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ipsec access-session dead-p2-sa-timeout 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ipsec access-session log-error</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ipsec access-session info-exch-connected</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset ipsec access-session use-error-log</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set xauth default dns1 192.168.30.101</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set xauth default dns2 192.168.30.101</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set xauth default wins1 192.168.30.101</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set xauth default wins2 192.168.30.101</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Tunnel for LAN_Remote1" gateway "Gateway for LAN_Remote1" no-replay tunnel idletime 0 sec-level compatible</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Tunnel for LAN_Remote1" monitor</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "tunnel-vpn-user" gateway "GW_vpn-user" replay tunnel idletime 0 proposal "nopfs-esp-3des-sha"  "nopfs-esp-3des-md5"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "tunnel-vpn-user" monitor</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Tunnel for LAN_Remote2" gateway "Gateway for LAN_Remote2" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha"  "g2-esp-3des-md5"  "g2-esp-des-sha"  "g2-esp-des-md5"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Tunnel for LAN_Remote2" monitor</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Shrew-Vpn-Tunnel" gateway "shrew-vpn-gateway" no-replay tunnel idletime 0 proposal "g2-esp-3des-sha"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Shrew-Vpn-Tunnel" monitor</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Shrew-Vpn-Tunnel" id 0xc bind interface tunnel.1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "untrust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set l2tp "WindowsVPN-l2tp" id 1 outgoing-interface untrust keepalive 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set url protocol websense</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vpn "Shrew-Vpn-Tunnel" proxy-id local-ip 192.168.30.0/24 remote-ip 255.255.255.255/32 "ANY"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 6 from "Untrust" to "Trust"  "Any-IPv4" "VIP(untrust)" "MAIL" permit log count</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 6 application "SMTP"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 6</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 1 from "Untrust" to "Trust"  "LAN_Remote1" "LAN_Local" "ANY" tunnel vpn "Tunnel for LAN_Remote1" id 0x5 pair-policy 5 log count traffic mbw 1024</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 8 name "LAN_Remote2" from "Untrust" to "Trust"  "LAN_Remote2" "LAN_Local" "ANY" tunnel vpn "Tunnel for LAN_Remote2" id 0x8 pair-policy 9 log count traffic mbw 1024</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 8</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 5 from "Trust" to "Untrust"  "LAN_Local" "LAN_Remote1" "ANY" tunnel vpn "Tunnel for LAN_Remote1" id 0x5 pair-policy 1 log count traffic mbw 1024</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 5</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 9 name "LAN_Remote2" from "Trust" to "Untrust"  "LAN_Local" "LAN_Remote2" "ANY" tunnel vpn "Tunnel for LAN_Remote2" id 0x8 pair-policy 8 log count traffic mbw 1024</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 9</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 0 from "Trust" to "Untrust"  "Any-IPv4" "Any-IPv4" "ANY" permit log count</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 0</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 4 name "vpn-user" from "Untrust" to "Trust"  "Dial-Up VPN IPv4" "LAN_Local" "ANY" tunnel vpn "tunnel-vpn-user" id 0x6 pair-policy 7 log count</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 4</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 7 name "vpn-user" from "Trust" to "Untrust"  "LAN_Local" "Dial-Up VPN IPv4" "ANY" tunnel vpn "tunnel-vpn-user" id 0x6 pair-policy 4 log count</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 7</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 10 from "Untrust" to "Trust"  "192.168.255.0/24" "LAN_Local" "ANY" permit log</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set policy id 10</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set log session-init</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set nsmgmt bulkcli reboot-timeout 60</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ssh version v2</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ssh enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set config lock timeout 5</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset license-key auto-update</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set telnet client enable</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ntp server "46.19.33.5"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ntp server backup1 "81.171.44.131"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set ntp server backup2 "0.0.0.0"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set modem speed 115200</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set modem retry 3</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set modem interval 10</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set modem idle-time 10</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set snmp name "zetten"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set snmp port listen 161</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set snmp port trap 162</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "untrust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>unset add-default-route</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set route 0.0.0.0/0 interface untrust gateway x.x.x.113</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set route 192.168.255.0/24 interface tunnel.1</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "untrust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>set vrouter "trust-vr"</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>exit</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'>FW-Polen-></span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-family:"Calibri","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>Met vriendelijke groet, kind Regards,</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif"'> </span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>Willem Kutschruiter</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>+31653229596</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p></div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Calibri","sans-serif"'><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><o:p></o:p></span></p></div></div></div></body></html>