SRX

last person joined: 20 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Establish an ipsec tunnel between SRX100 and ISA 2006.

    Posted 05-15-2012 06:00

    Greetings.

    I trying to build route-based pre-shared key ipsec tunnel between SRX100 and ISA 2006. Tunnel establishes, but there is no traffic within. Junos version - 11.1R1.10

    My network: 192.168.10.0/24 --> SRX100 --> 176.x.x.50, 195.x.x.178

    kmd log and config in attachments.

    After the establishment of the tunnel I see in kmd log messages like "cannot connect to authd: no such file or directory".

     

    What i doing wrong?

    Attachment(s)

    txt
    config.txt   7 KB 1 version
    txt
    log.txt   28 KB 1 version


  • 2.  RE: Establish an ipsec tunnel between SRX100 and ISA 2006.
    Best Answer

    Posted 05-15-2012 06:33

    Hi there,

     

    You have the ST interface in the trust zone which is the internal zone?  This should be in the untrust zone, along with fe-0/0/0.0, which appears to be terminating the VPN

     

    security-zone untrust {
            screen untrust-screen;
            interfaces {
                fe-0/0/0.0 {
                    host-inbound-traffic {
                        system-services {
                            tftp;
                            ike;
                                ping;
                                  }
                    }
                }
                st0.0
            }