Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  netscreen 50 vpn setup screenos 5.4.1

    Posted 07-07-2010 15:22

    I need to build a vpn to an third party that has some strict requirements. i am not sure if this is possible from ns50 running screenOS 5.4.0r1.0 below is the table showing the details they sent me. (ips have been removed)

     

    termination equipment: cisco ASA

    public ip of end point Primary and backup will be provided

    destination & source nat subnet will be 24 bits

     

    encryption algorithm: 3DES with group 2

    integrity (hash) algorithm: SHA1

    transform: ESP-3DES-SHA

    peer auth method (shared password): text pre shared key to be mutually aggreed upon during implementation

    IKE key exchange parameters (Diffie-Hellman group id): 3DES with group 2

    IKE-establish security Association lifetime: 8 hours

    BWidth: 128 kbps

     

    Due to time contstraints i am not able to research everything on my own before the deadline. if anyone can point me in the right direction that would be great.

     

    thanks



  • 2.  RE: netscreen 50 vpn setup screenos 5.4.1
    Best Answer

    Posted 07-07-2010 16:50

    It looks like those cryto settings are supported in screenos 5.4.  See KB6334 on the setup instructions for the vpn tunnel.  These are using these same settings your partner is requesting.



  • 3.  RE: netscreen 50 vpn setup screenos 5.4.1

    Posted 07-08-2010 07:14

    your link and another post i found explaining ipsec vpn have been a great help. I should be able to make this work without too many complications.

     

    thanks!!