Hi,
I currently have it set up so I have another public IP proxy ARP'd on the SRX external interface, then I have a destination NAT rule to forward any traffic to my PPTP server.
This is working fine. The PPTP ALG sees the traffic and handles everything.
Existing settings for PPTP:
## external interface ##
show interfaces ge-0/0/5
per-unit-scheduler;
unit 0 {
    family inet {
        address 200.200.200.201/29;
    }
}

## proxy-arp ##
interface ge-0/0/5.0 {
    address {
        200.200.200.202/32;
    }
}

## destination nat ##
pool dst-nat-pool-1 {
    address 10.10.10.10/32;
}
rule-set rs1 {
    from interface ge-0/0/5.0;
    rule r1 {
        match {
            destination-address 200.200.200.202/32;
            destination-port {
                1723;
            }
        }
        then {
            destination-nat {
                pool {
                    dst-nat-pool-1;
                }
            }
        }
    }
}

## security rule from untrust to our pptp server ##
show security policies from-zone untrust to-zone Servers
policy VPN_PPTP {
    match {
        source-address any;
        destination-address DC5;
        application junos-pptp;
    }
    then {
        permit;
    }
}
I have tried so many things to get the L2TP working: enabled the ALG, disabled the ALG, created custom applications for ports 500, 1701, 4500 and the ESP protocol, and it still won't work properly.
This is the furthest I got with it last night. I saw traffic hitting the SRX but I didn't connect to the L2TP server:
Session ID: 316147, Policy name: VPN_PPTP/40, Timeout: 36, Valid
  In: 82.132.227.76/627 --> 200.200.200.202/500;udp, If: ge-0/0/5.0, Pkts: 2, Bytes: 728
  Out: 10.10.10.10/500 --> 82.132.227.76/627;udp, If: vlan.40, Pkts: 2, Bytes: 524
Tearing my hair out with this now. If anyone can help, please advise.
Matt