SSL VPN
Reply
Visitor
Slarti-42
Posts: 5
Registered: ‎08-23-2009
0

VPN Port Forwarding 500 in conflict with Netscreen?

Hello everyone,

 

I have behind the netscreen an Apple VPN Server and for that I need to forward the port 500 and some other ports.

 

I have configured the policy and when I do on the interface the VIP configuration it tells me that:

"Not supported service: (ip: *untrust IP here*/port:500) is for management of the box"

 

Now I think, that somehow VPN is active on the netscreen itself and therefore using this port. Any chance that I can turn it off and where please? I couldn't find it. 

 

Or am I totally wrong?

 

For any hints I would be happy.

Kind regards.

Slarti 

Distinguished Expert
muttbarker
Posts: 2,363
Registered: ‎01-29-2008
0

Re: VPN Port Forwarding 500 in conflict with Netscreen?

Yes, port 500 is used by the box. I don't recall that there is any way to turn it off. Are you setting up a VIP for this? You can use port 500 on the inside  and use some other port on the outside - so set your virtual port to something like 501 - have users connect to that and then map to a defined service on port 500.

 

Also - you should post firewall questions in the firewall forum for faster response.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Visitor
Slarti-42
Posts: 5
Registered: ‎08-23-2009
0

Re: VPN Port Forwarding 500 in conflict with Netscreen?

Thank you for your response.

 

Sadly I can't reconfigure the ports of my laptop for the vpn connection as I can't for my iPhone.

 

Sorry about posting this in the ssl vpn section, thought that this would be the best idea. I will try in the FW section then as well.

 

Cheers

Slarti

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.