SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  SRX240 to pass through a IPSec VPN tunnel.

    Posted 10-25-2012 01:03

    Hi everybody. I'm having some trouble with passing through an IPSec VPN tunnel. The network is as follows:

    VPN router1-->Internet-->Juniper SRX240-->VPN router2

    My goal is just to let that VPN tunnel pass through the Juniper. I don't want to configure that VPN into the Juniper, because I don't want to get access to that tunnel. So far I have tried the following:

     

    IKE-ESP is allowed

    I have tried allowing all incoming and outgoing traffic

    Created st0.0 logical interface, assigned it to trust-zone and allowed all protocols

     

    So far we have managed to get that tunnel up, but no traffic is active through that tunnel, and from the "VPN router1" side they saw that the Juniper is trying to establish an IPSec connection (even though IPSec is not configured).

     

    Any help would be appreciated!



  • 2.  RE: SRX240 to pass through a IPSec VPN tunnel.
    Best Answer

    Posted 10-25-2012 14:55

    You could just throw a FW filter rule up and let the traffic flow through in packet mode. Bypass the whole SRX security function. Make sure you write an ingress and egress filter.
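
    A sketch of the packet-mode filter suggested in the answer above, added here as an illustration and not part of the original reply. The filter name, the interface names and the peer address (a documentation address standing in for VPN router1) are assumptions; the filter is applied as an input filter on both the Internet-facing and the inside interface so that each direction of the tunnel is matched.

    ```junos
    # Constructed example: IPSEC-PASSTHROUGH, ge-0/0/0.0, ge-0/0/1.0 and
    # 192.0.2.10/32 are placeholders, not values from this thread.

    # IKE and NAT-T (UDP 500/4500) to or from the remote VPN peer only
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE from address 192.0.2.10/32
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE from protocol udp
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE from port 500
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE from port 4500
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE then packet-mode
    set firewall family inet filter IPSEC-PASSTHROUGH term IKE then accept

    # ESP (IP protocol 50) to or from the same peer
    set firewall family inet filter IPSEC-PASSTHROUGH term ESP from address 192.0.2.10/32
    set firewall family inet filter IPSEC-PASSTHROUGH term ESP from protocol esp
    set firewall family inet filter IPSEC-PASSTHROUGH term ESP then packet-mode
    set firewall family inet filter IPSEC-PASSTHROUGH term ESP then accept

    # Everything else is accepted by the filter and stays in flow mode,
    # so it is still evaluated by zones and security policies
    set firewall family inet filter IPSEC-PASSTHROUGH term OTHER then accept

    # Ingress side (Internet-facing) and egress side (towards VPN router2)
    set interfaces ge-0/0/0 unit 0 family inet filter input IPSEC-PASSTHROUGH
    set interfaces ge-0/0/1 unit 0 family inet filter input IPSEC-PASSTHROUGH
    ```

    Traffic handled in packet mode skips flow processing, so security policies and NAT on the SRX are not applied to it. Keeping the match limited to the peer address and the IKE/ESP protocols keeps the bypass as narrow as the tunnel itself.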



  • 3.  RE: SRX240 to pass through a IPSec VPN tunnel.

    Posted 10-29-2012 02:41

    Thank you for the tip and guidance. Somehow the tunnel still seems to freeze...



  • 4.  RE: SRX240 to pass through a IPSec VPN tunnel.

    Posted 10-29-2012 09:25

    Can you post up the relevant portions of your config and we'll have a look?



  • 5.  RE: SRX240 to pass through a IPSec VPN tunnel.

    Posted 11-01-2012 07:12

    Sorry for the late reply. The problem is solved now, by changing the VPN tunnel so it would transmit data with UDP packets. Now the Juniper lets the traffic just pass by.



  • 6.  RE: SRX240 to pass through a IPSec VPN tunnel.

    Posted 10-25-2012 14:56

    Oh - and next time post your SRX questions in the SRX Security Forum. You will get a much greater response rate. This forum is for the SSL box only.