Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Connection Problem with Wireless AP to SSG 5

    Posted 08-08-2012 03:41

    Hi,

     

    iam new to this forum, and i have a question, because i am stuck in configuration.

     

    We got an SSG 5 Router here, and i want to connect a Wireless AP (CISCO WPN610) to the Router and get Access to the Internet.

     

    Internet-Connection through Ether0/0 over PPPoE (T-Online) .

     

    Ethernet 0/2 is in bgroup 0 (IP 192.168.0.0/24) DHCP off

    VPN over IPSEC (192.168.1.200 -230 )

    Ethernet 0/6 connected for Wireless AP .. (192.168.2.254/24) DHCP on

     

    The AP works fine, and i can manage the Juniper Device over the 192.168.2.254 IP . But i have no Connection to the Internet, do i have to do some configuration i missed??

     

    Can you help me?



  • 2.  RE: Connection Problem with Wireless AP to SSG 5

    Posted 08-08-2012 06:42

    Hi,

     

    If WLAN is in a different zone than trust, then check if you have the right policies along with the correct source address translation.

    Also, check if issue is related to DNS settings.

     

    Thanks.

    Hardeep



  • 3.  RE: Connection Problem with Wireless AP to SSG 5

    Posted 08-08-2012 17:54

    As Sahota says, you are likely missing the policy from the wifi zone to the untrust with a source nat enabled.

     

    I have all of the steps needed to add an external WAP to the SSG posted here in the configuration library.  Step 4 is what we think you are missing.

     

    http://forums.juniper.net/t5/Configuration-Library/ScreenOS-Configure-Guest-External-WAP-Segment/m-p/64151#M158



  • 4.  RE: Connection Problem with Wireless AP to SSG 5

    Posted 08-09-2012 00:37

    Hi spuluka,

     

    i have done all you described in the link.. .not working... get connection to the Router over WLAN, but not to the Internet..

     

    May i post you the Configuration over pn?



  • 5.  RE: Connection Problem with Wireless AP to SSG 5
    Best Answer

    Posted 08-09-2012 01:08

    Jesus Christ...

     

    i got it...

     

    i´ve not set a new Policy Segment to my WLAN Zone .. i set it global to the trust where only bgroup0 was.

     

    New Policy Segment to WLAN and now iam in .



  • 6.  RE: Connection Problem with Wireless AP to SSG 5

    Posted 08-09-2012 03:19

    In general you do not want to create global policies.  This is a method of last resort under special circumstances.  You should have specific zone policies for this traffic.

     

    I have sent you a PM with the details based on the configuration you sent eariler.