04-09-2009 02:28 AM
Hello, I'm a Newbie to FW + Networks; I tried to configure my SSG5 to get access via Shrew-VPN Client to our Network,
I used the documentation (Chapter 5: Dialup Virtiual Private Networks) and the client is able to establish a tunnel;
But it only connects to the ip-Adress of our IPS and I'm not able to connect to any of the devices in our lan!
I think there is a issue with a route or something
Could anybody give me a hint
04-09-2009 03:13 AM
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
04-15-2009 09:07 AM
I have the exact same proble, in the meantime i've recomended user to use netscreen remote, but i'm still trying to make it work.
So far what i have noted the following:
1. Configuration on Juniper side (with xauth) is ok (at least it works with netscreen remote without any changes).
2. When Shrew connects, it get's an IP address from the pool;
3. Althoug the vpn client states that it is connected, if you do an "get sa" on the juniper device, you find out that there is no connection...
4. No traffic logs are generated.
04-15-2009 09:36 AM
can you check the "get event" that will usually tell you the state.
The log viewer in the NSR will also tell you more about the debugs as well.
04-20-2009 12:45 AM
Could u share your juniper device config and remote client config ?
try to modify your policy => policy from untrust to trust with source dial up user, destination any, service any and use "nat source using engress interface"