Screen OS


This is a legacy community with limited Juniper monitoring.
  • 1.  Dial-up VPN can access LAN, but clients on LAN cannot contact Dial-up clients over their tunnel

    Posted 10-13-2008 09:04

    Hi Everyone,

     

    I have configured a dial-up VPN using Netscreen Remote VPN client, 9.0r3, connecting to a Netscreen 5GT 5.4.0r10. Everything is working fine from the client side. They can ping clients on the LAN, access our Intranet, etc. The problem is that clients on the LAN cannot ping or access the clients that are dialing in.  I would like to be able to do this so I can set up remote desktop connections to them to troubleshoot problems, etc.  I can't even ping them as it stands right now.

     

    Here is my set-up:

    Main office (LAN): 192.168.1.x

    Branch Office in Tampa connected by VPN to another 5GT:  192.168.4.x (Can ping and access all clients)

    Branch Office in San Jose connected by VPN to another 5GT: 192.168.5.x (Can ping and access all clients)

    Dial-Up VPN Users Connecting to the 192.168.1.x LAN:  192.168.100.x (LAN cannot ping or connect to these users)

     

    The VPNs between the two branch offices are policy-based.  I have attached the sanitized LAN Netscreen 5GT config text. Only users in the main office will need to contact dial-up users. I think this must be an easy fix; I just can't figure it out. I am VERY new to Juniper products in general, but have found their support to be excellent. Thanks for any help!

    Attachment(s)

    txt
    config.txt   20 KB 1 version


  • 2.  RE: Dial-up VPN can access LAN, but clients on LAN cannot contact Dial-up clients over their tunnel
    Best Answer

    Posted 10-13-2008 11:18

    Hey Everyone,

     

    Looks like all I had to do was create a new policy from Trust to Untrust, with the source being Trusted LAN and Destination being "Dial-up" and then it combined it into the other Dial-up VPN creating a bi-directional Policy. Works great now. I even got the corporate IP phones working over it with no trouble.

     

    Thanks anyway!



  • 3.  RE: Dial-up VPN can access LAN, but clients on LAN cannot contact Dial-up clients over their tunnel

    Posted 01-04-2010 05:23

    Could you please send me the new config file, as I am also facing the same situation and don't know how to configure it?