Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Juniper
to define additional subnet for site2site vpn
getrue
Hello, I setupped site2site vpn connection for one local_subnet. how can I add second local_subnet to this vpn connection.
Find more posts tagged with
Comments
Mstavridis
Huh? You need to describe your current network and then give us more detail on what you are trying to accomplish, I would love to help but I don't know what exactly your trying to accomplish.
getrue
picture
How can I add second subnet to the vpn tunnel. Our vpn is route-based vpn or policy-based vpn? How can I understand?
Thanks
teren
Depends on if this was setup as a route or policy based VPN, as mentioned if you can provide more details I'm sure we can help. Thanks!
MrBishop
/30 will give you 2 available addresses per subnet so your subnets will look like
10.1.1.0 to 10.1.1.3
10.1.1.4 to 10.1.1.7
10.1.1.8 to 10.1.1.11
10.1.1.12 to 10.1.1.15
and so on
teren
Ah ScreenOS.....well I'm going to make the assumption that this is a policy based VPN to a non JUNOS/ScreenOS device. Therefore, you'll basically need to duplicate everything you see on that screen except change the proxy ID to what the second subnet is and then add the corresponding policy for that subnet to point to that new VPN you're creating.
Or, if you upgrade to ScreenOS 6.3, you can use this feature
Juniper Networks - Function of a new feature "Multiple Proxy ID support on a Route-Based VPN" (Supported started with ScreenOS 6.3) - Knowledge Base
getrue
thanks for your answers. special thanks to
teren
. We upgraded firmware and ran below command.
SSG140-> set ike policy-checking
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
