Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Problem VPN between ScreenOS firewall and USG Huawei firewall

    Posted 05-03-2017 07:11

    Hi ,

     

    I have problem VPN between ScreenOS firewall and USG Huawei firewall

     

    inet-------SSG 5juniper --------------- USG Huawei ------ inet

                   dynamic ip                              static ip

     

    Someone who has made vpn against huawei firewalls?
    I have made vpn site to site with static ip on both sides and I had no problems.

     

    Thanks in advance

    Regards



  • 2.  RE: Problem VPN between ScreenOS firewall and USG Huawei firewall
    Best Answer

    Posted 05-03-2017 08:25
    Hi

    - When you have one side dynamic vpn and the other is static you need to use "Aggressive Mode" instead of "Main mode" at both sides .

    - As the SSG device has a Dynamic IP , we would be using FQDN (Fully qualified domain name)

    - Take a look at this link which might be helpful:

    http://gsraut.com.np/juniper/site-to-site-ipsec-vpn-in-juniper-ssg-with-one-side-dynamic-ip-part-1/

    https://kb.juniper.net/kb/documents/public/resolution_path/J_FW_VPN_Config_or_Trblsh.htm