ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
BA
Visitor
BA
Posts: 9
Registered: ‎04-24-2009
0

Allowing inbound PPTP traffic through Netscreen 25

Options

‎02-11-2010 08:16 AM

I am having an issue where a PPTP client can successfully connect to an external VPN out of our coporate network.

 

Using the same, laptop, profile, I cannot connect to the external VPN.

 

Laptop OS: XP Pro SP3

 

Can anyone shed some light or point me in the right dircetion on where to look for this?

Message 1 of 2 (2,667 Views)
 
Reply
Distinguished Expert
Distinguished Expert
spuluka
Posts: 1,612
Registered: ‎03-30-2009
0

Re: Allowing inbound PPTP traffic through Netscreen 25

Options

‎02-12-2010 04:17 PM

Make sure the PPTP Application Layer Gateway (ALG) is turned on for the firewall.

 

I'm assuming this function is on the Netscreen 25 in a similar way to the SSG series that I am used to. In the SSG this is found under the security tab.

 

Basically PPTP and other applications like this use random ports that get negociated during the connection.  The firewall has to be aware of the application to allow the traffic.  When you enable the PPTP ALG this is done and the connections can proceed.

Steve Puluka BSEET
Juniper Ambassador
Senior Network Engineer
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC
JNCIS-FWV JNCIS-SSL
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home
Message 2 of 2 (2,646 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.