ScreenOS Firewalls (NOT SRX)
Reply
New User
maraboutingermany
Posts: 4
Registered: ‎06-12-2009
0

IPSEC VPN tunnel issues between Juniper SSG and Microsoft ISA server

Hi,

 

Besides the rekey issue mentionned in http://kb.juniper.net/index?page=content&id=KB9347&actp=RSS

does anyone have experience with setting up a VPN between these two platforms? I also read that if used only the ISA server can initiate the connection, is this true and if so, why?

Also what proposal settings will work best with this setup?

 

Thanks for your comments.

Trusted Expert Trusted Expert
Trusted Expert
WL
Posts: 789
Registered: ‎07-26-2008
0

Re: IPSEC VPN tunnel issues between Juniper SSG and Microsoft ISA server

(1) No, VPN can be initiated by either end. It depends on the configuration of the ISA and the firewall.

 

(2) There is no specific proposals which work best, the key is to make sure proposals on both ends match! Else VPN will not work.

In choosing proposals the key is what kind of encryption and hash algorithm you want to use which will also translate into the amount of overheads on the vpn and also how secure you want the traffic to be.

 

****pls click the button " Accept as Solution" if my post helped to solve your problem****
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.