06-12-2009 12:56 AM
Besides the rekey issue mentionned in http://kb.juniper.net/index?page=content&id=KB9347
does anyone have experience with setting up a VPN between these two platforms? I also read that if used only the ISA server can initiate the connection, is this true and if so, why?
Also what proposal settings will work best with this setup?
Thanks for your comments.
06-12-2009 09:05 AM
(1) No, VPN can be initiated by either end. It depends on the configuration of the ISA and the firewall.
(2) There is no specific proposals which work best, the key is to make sure proposals on both ends match! Else VPN will not work.
In choosing proposals the key is what kind of encryption and hash algorithm you want to use which will also translate into the amount of overheads on the vpn and also how secure you want the traffic to be.