I have the NCP Client working but the organisation I work for want to test a free VPN Client. The only one I can find is Shrew VPN. I have configured as per the NCP Clinet and when connecting I get the following:
bringing up tunnel
network device configured
All looks good and I get an IP address assigned by the SRX1500.... howver, I cannot ping any devices at the far end and I cannot SSH to them. Then after about 30 seconds the tunnel is just dropped.
The Shrew VPN Trace logfile is rather large, but here is some of the ending of it:
18/06/06 11:20:25 == : new informational iv ( 16 bytes )
18/06/06 11:20:25 =< : cookies 6e0aee610b6a71ac:b334668bf9b0d920
Just in case anyone wants to know, I managed to get the Shrew VPN working with the SRX1500.
I changed the IKE (Phase 1) Lifetime to 180 and the Shrew VPN Client to 60.
So, the scenario now with the Shrew VPN Client is that if you are idle for 90 seconds (I timed it) then the VPN automatically disconnects. However, if you are utilising the VPN then it stays up for 5 minutes plus..... I have completed tests for the times.
I just need to figure out now why the Client closes the connection after 90 seconds when idle, especially as there is nothing configured anywhere that says 90 seconds.... When I figure this out I will post here for other people who may be experiencing the same issue.
The SRX configuration is the same as I have written on these boards for the NCP client except the lifetime timer....
I was also trying the free Shrewsoft VPN, but I was stuck in a "timeout" error. And after some searching and testing I stopped with this one.
We we're already been using NCP for several customers for some time, but this is a rather expensive VPN client. Now I'am testing the Greenbow vpn client on Win10 64-bit. I'll managed to get the tunnel UP, but unfortunately I cannot communicate through the tunnel.
I have an NCP (old version Juniper Edition) vpn client installed on my own laptop which connects with the same IPsec configuration and from my machine I can connect to the remote network without any problems.
We have several customers using Pulse Secure Client with the Juniper build-in Dynamic-vpn, but with the latest Windows updates they are experencing a lot of problems. Juniper says we should use an older client, but thats also no a good and working solution.
According to my colleagues Windows does something strange with the virtual adapter, which is neede for the communication. Maybe that's also the case when using GreenBow. Any ideas?
Sorry, I have no idea with regards to Windows changing anything with the virtual adaptor.
What I found with the Shrew VPN Client was that it always disconnected after 50% of the lifetime value was reached. The way around that is to obviously double the length of the lifetime for what you require.
I have stopped using the Shrew software and now use the NCP VPN Client. It's also very, very quick with connectivity compared to any other Client I have tried (Including CIsco Anyconnect).....
I have managed to get all different clients working (NCP, SHrew and Cisco Anyconnect) but found the most stable to be NCP. Also, as an add on, I found configuring the NCP client for Split-Tunneling very intuitive and easy.