SRX Services Gateway
Reply
Contributor
nanustud
Posts: 27
Registered: ‎01-06-2011
0

SRX does not see UDp 500 packet on its internal interface

Hello All,

 

Am running a Cisco VPN client on our internal network to connect to client network, the traffic flows through SRX3600 when the VPN is launched it fails to connect. We do no see any traffic for UDP500 thats hitting the internal interface of the firewall. Filters were set on the SRX it see all other traffic except UDP -500. We have NAT-T on the SRX  and its working fine for all other traffic. we are currently running on Junos 103.R5.5

Super Contributor
johnrbaker
Posts: 210
Registered: ‎02-17-2011
0

Re: SRX does not see UDp 500 packet on its internal interface

Hi

 

If you could post a cleaned verson of you config, then we could have a look at it.  I did have a problem with a work laptop that was running a Cisco VPN client.  It needed the ike-esp-nat setting under the security section

 

E.G.

 

security {

#YOUR CONFIG

    alg {
        ike-esp-nat {
            enable;
        }
    }

#YOUR CONFIG

 

 

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.