SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  [SOLVED] No IKE Connection after reboot of SRX550

    Posted 03-07-2013 10:36

    Hey Guys (and Girls)

     

    I'm trying to connect two SRX550 for testing purposes via IKE/IPsec but currently I have no Idea why it doesn't work.

     

    Net-Layout

    SRX1                                                                             SRX2

    10.0.240.0/22      \

    10.0.247.128/25  }--10.0.3.25<-->10.0.3.26--{10.0.244.0/23

    10.0.248.0/21     /

     

    also the networks 10.0.246.0/25,  10.0.246.128/25 and 10.0.247.0/25 will be connectet on seperate SRX devices later. My current "management" network is 10.43.43.X to get access via ssh.

     

    Config File for SRX1: http://paste.xinu.at/zKOD/

    Config File for SRX2: http://paste.xinu.at/zAH5/

     

    IKE Trace of SRX2: http://paste.xinu.at/CCvG9b/

     

    Now the weird part.... I GOT a connection with this config before until I rebooted the devices.

     

    Any help would be welcome.

     

    Greetings

    Michael



  • 2.  RE: [SOLVED] No IKE Connection after reboot of SRX550
    Best Answer

    Posted 03-10-2013 00:00

    Hi

     

    Your config looks good for me, but maybe you will want to turn on establish-tunnels immediately

    under vpn. I can't comment on errors in the trace, but I guess they may be harmless artifacts

    of the reboot.



  • 3.  RE: [SOLVED] No IKE Connection after reboot of SRX550

    Posted 03-10-2013 08:45

    Hi pk 🙂

     

    Thanks for your Reply and you're correct the Tunnel came up instant. The Problem it wasn't opened when I tried to ping the other device was really stupid... I put the two st0 interfaces in different subnets so they couln't talk to each other /o\.

     

    Thanks for your help it seems to work now 🙂