Netscreen VPN help needed


comp.security.firewalls archive

From: <rick@rickrobinson.org>
Date: Thu Apr 27 2006 - 04:35:02 CEST

I have a working policy-based lan-to-lan tunnel configured on two
Netscreens.

I also have another zone called 'dmz' on one of the Netscreens, and
hosts in that zone are unable to access the lan-to-lan tunnel.

In zone dmz, there is no policy for the vpn or a route to the
destination, so traffic ends up being sent to the default gateway
instead of the tunnel.

When I tried adding a policy to zone 'dmz' for the vpn traffic,
ScreenOS said it could not because the IKE ID was already in use. I
also tried to route the traffic to the trust interface and that didn't
work either.

Can anyone assist and tell me how to configure this so that the other
zone can access the tunnel?

Thanks in Advance.
-RLR
Received on Mon May 1 01:08:58 2006