Quantcast
Channel: All SRX Services Gateway posts
Viewing all articles
Browse latest Browse all 17645

Re: Apple iPhone/iPad VPN to Juniper SRX - now possible!

$
0
0

Hi all,

 

Thanks for this wonderfull pdf with all the information!!!

 

I'm having only issue at one of the last step with the configuration of the srx. I tried every possible combi but none did work. Im runnning SRX210H with 12.1R1.9

 

I did add in the following range:

First interface st0, routing-options, ike proposal, ike policy, acces profile, security flow, ike gateway. So far so good, after every part i did commit with completion. But when i did add the ipsec vpn part, it got bumped. Can someone please advise me whatever is going wrong?

 

 

serdar@SRX210# commit
[edit security ipsec vpn picotest ike gateway]
  'gateway gw_picotest'
Shared or group ike policy cannot refer to route-based vpn
error: commit failed: (statements constraint check failed) [edit] serdar@SRX210# show | compare [edit security ipsec] + vpn picotest { + bind-interface st0.2; + ike { + gateway gw_picotest; + proxy-identity { + local 192.168.0.0/16; + remote 0.0.0.0/0; + service any; + } + ipsec-policy ipsec_pol_picotest; + } + }

serdar@SRX210> show configuration security ike
gateway gw_picotest {
ike-policy ike_pol_picotest;
dynamic {
hostname .local;
ike-user-type group-ike-id;
}
local-identity hostname xxxxxxxxxx.org;
external-interface ge-0/0/0.0; ## this is my interface facing to my ISP
xauth access-profile picotest;
version v2-only;
}

 


Viewing all articles
Browse latest Browse all 17645

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>