| Author |
Message |
news.iol.ie
Guest
|
 Posted:
Sat Nov 26, 2005 4:34 am Post subject:
NetScreen Client VPN Configure |
|
|
Hi All
Has anyone configure WIndows XP to VPN with a Juniper firewall using not
using Netscreen-remote. In effect just using the XP's built client VPN
features.
Thanks
Stephen |
|
| Back to top |
|
 |
Triffid
Guest
|
| Posted:
Sat Nov 26, 2005 9:22 am Post subject:
Re: NetScreen Client VPN Configure |
|
|
news.iol.ie wrote:
| Quote: | Hi All
Has anyone configure WIndows XP to VPN with a Juniper firewall using not
using Netscreen-remote. In effect just using the XP's built client VPN
features.
Thanks
Stephen
|
Yes, it's possible. I have it working - but it was a PITA, mostly
because XP uses it's own terminology and hides anything that might be
useful for diagnostics.
I expect it would be easier if the client had a static IP, but when the
client IP is dynamic you _must_ use certificates for IKE authentication.
I used OpenSSL as my CA.
Sorry, I can't give you the recipe - I spent hours of trial and error
getting it to work, my notes are messy, and I don't have time to repeat
the process and document it. However, if you have questions along the
way I'll try to help - especially if you document the recipe :-)
Googling 'openssl netscreen' will help too.
Triffid |
|
| Back to top |
|
|
Stephen
Guest
|
| Posted:
Sat Nov 26, 2005 5:21 pm Post subject:
Re: NetScreen Client VPN Configure |
|
|
Triffid wrote:
| Quote: |
news.iol.ie wrote:
Hi All
Has anyone configure WIndows XP to VPN with a Juniper firewall using
not using Netscreen-remote. In effect just using the XP's built
client VPN features.
Thanks
Stephen
Yes, it's possible. I have it working - but it was a PITA, mostly
because XP uses it's own terminology and hides anything that might be
useful for diagnostics.
I expect it would be easier if the client had a static IP, but when the
client IP is dynamic you _must_ use certificates for IKE authentication.
I used OpenSSL as my CA.
Sorry, I can't give you the recipe - I spent hours of trial and error
getting it to work, my notes are messy, and I don't have time to repeat
the process and document it. However, if you have questions along the
way I'll try to help - especially if you document the recipe :-)
Googling 'openssl netscreen' will help too.
Triffid
Hi |
Yes I will document this as I go. Did you use an autokey (IKE) or did
you use L2TP?
Regards
Stephen |
|
| Back to top |
|
|
Triffid
Guest
|
| Posted:
Sat Nov 26, 2005 5:21 pm Post subject:
Re: NetScreen Client VPN Configure |
|
|
Stephen wrote:
| Quote: | Triffid wrote:
news.iol.ie wrote:
Hi All
Has anyone configure WIndows XP to VPN with a Juniper firewall using
not using Netscreen-remote. In effect just using the XP's built
client VPN features.
Thanks
Stephen
Yes, it's possible. I have it working - but it was a PITA, mostly
because XP uses it's own terminology and hides anything that might be
useful for diagnostics.
I expect it would be easier if the client had a static IP, but when
the client IP is dynamic you _must_ use certificates for IKE
authentication. I used OpenSSL as my CA.
Sorry, I can't give you the recipe - I spent hours of trial and error
getting it to work, my notes are messy, and I don't have time to
repeat the process and document it. However, if you have questions
along the way I'll try to help - especially if you document the recipe
:-)
Googling 'openssl netscreen' will help too.
Triffid
Hi
Yes I will document this as I go. Did you use an autokey (IKE) or did
you use L2TP?
Regards
Stephen
|
AutoKey IKE with Dialup as the remote gateway type.
Triffid |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in