ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
andre
Contributor
andre
Posts: 269
Registered: ‎12-18-2007
0

Question About SSG

Options

‎12-10-2008 02:06 AM

Hi Guys,

 

I have 1 SSG-20 and configured in site A, and SSG-5 configured in site B. User in site B access applications to the server in internet through SSG-20 in site A with VPN, so client make dial VPN connection to the server via SSG-20.

in site B has 10-15 users to make VPN connection to the server, but not always all users at the same time.

the issue is : sometimes some users cannot conect to the server via dial VPN, but sometimes it can be. 

when some users cannot connect to the server via VPN, after i restart SSG-20, all can connect to.

 

for info: screenOS version is 6.0.r5 in SSG-20 and SSG-5.

users use PPTP and L2TP to connect VPN to the server in internet.

 

I need any advice for this issue ASAP.

 

Thank you guys,

 

Regards, 

Andre 

Regards,

Andre
----------------------------------------------------------------------------------------------
JNCIA-FWV | JNCIS-FWV | JNCIS-AC | JNCIS-SSL | JNCIA-JUNOS | JNCIS-ENT | JNCIP-ENT

-Please mark "accept solution" if my post helps you-
Message 1 of 2 (2,546 Views)
 
Reply
Trusted Contributor
Trusted Contributor
CR
Posts: 88
Registered: ‎11-07-2007
0

Re: Question About SSG

Options

‎12-10-2008 05:00 AM

Hi Andre,

 

I can be that you reached the maximum number of PPTP connections that the PPTP ALG in your box supports.

 

Check this:

 

ssg20-wlan-> get alg pptp
PPTP ALG                  : disable
Maximum PPTP call number  : 8
Current PPTP call number  : 0
ssg20-wlan-> 

 

You can check some counters with "get alg pptp counters" and "get alg pptp xlate".

 

Example:

 

ssg20-wlan-> get alg pptp counters
PPTP message counters:
-------------------------------------------------
Outgoing Call Request                : 0
Outgoing Call Response               : 0
Set Link Info                        : 0
WAN Error Notify                     : 0
Call Clear Request                   : 0
Other Message                        : 0

PPTP xlate counters:
-------------------------------------------------
PPTP xlate entry number              : 0
PPTP xlate failed number             : 0
ssg20-wlan-> get alg pptp xlate
0 out of 8 pptp xlate entries are used.
Failed count 0.
---------- xlate table ----------
---------- rev xlate table ----------
ssg20-wlan-> 

 

If there are any issues you could try loading the latest recommended ScreenOS (6.1r4). If it doesn't help you can best open a JTAC support case.

 

Hope it helps.

 

Casper

 

Message 2 of 2 (2,531 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.