ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

IPSEC VPN tunnel issues between Juniper SSG and Microsoft ISA server

06.12.09   |  
‎06-12-2009 12:56 AM

Hi,

 

Besides the rekey issue mentionned in http://kb.juniper.net/index?page=content&id=KB9347&actp=RSS

does anyone have experience with setting up a VPN between these two platforms? I also read that if used only the ISA server can initiate the connection, is this true and if so, why?

Also what proposal settings will work best with this setup?

 

Thanks for your comments.

1 REPLY
ScreenOS Firewalls (NOT SRX)

Re: IPSEC VPN tunnel issues between Juniper SSG and Microsoft ISA server

06.12.09   |  
‎06-12-2009 09:05 AM

(1) No, VPN can be initiated by either end. It depends on the configuration of the ISA and the firewall.

 

(2) There is no specific proposals which work best, the key is to make sure proposals on both ends match! Else VPN will not work.

In choosing proposals the key is what kind of encryption and hash algorithm you want to use which will also translate into the amount of overheads on the vpn and also how secure you want the traffic to be.

 

****pls click the button " Accept as Solution" if my post helped to solve your problem****