INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

SSG5 - VPN Client - Subnet Routing

SSG5 - VPN Client - Subnet Routing

(OP)
I have an SSG5 configured for use with the VPN client.
The SSG is running 6.2.xx
I have the latest 9.X client from the Juniper Website.

I when I connect with the client I can only access the local subnet for which I connect, I can change it to which ever of the subnets I want and connect fine.

I cannot get the configuration on the Juniper to allow me the option to route between all the subnets across the VPN connection, i.e. i cant ping anything that is not on the subnet i connected to.

Any ideas?

ACA - Implement IP Office
ACS - Implement IP Office
ACSS - SMEC (IP Office)
JNCIA-EX
JNCIA-ER
JNCIA-FWV
Convergence+  

RE: SSG5 - VPN Client - Subnet Routing

In your VPN policy, the Trust address should include all subnets. If your subnets are consecutive (192.168.1.x, 192.168.2.x) then you can create a new address entry in the Trust zone for a larger subnet that includes all of the necessary subnets. For example:

Internal subnets include 192.168.5.x/24 through 192.168.8.x/24 - you would create an address entry in your Policy Elements Trust Zone something like 192.168.5.0/22, which would include all 4 24-bit subnets (192.168.5.0 through 192.168.8.255)

Don't forget to change the matching entry in your Netscreen Remote client.

RE: SSG5 - VPN Client - Subnet Routing

(OP)
You are the man..

ACA - Implement IP Office
ACS - Implement IP Office
ACSS - SMEC (IP Office)
JNCIA-EX
JNCIA-ER
JNCIA-FWV
Convergence+  

RE: SSG5 - VPN Client - Subnet Routing

Don't know about that...I can build the heck out of VPNs but can't get above a 60 on the VPN section of the JNCIA. Go figure...

RE: SSG5 - VPN Client - Subnet Routing

(OP)
Which test> was it the JN0-521?

ACA - Implement IP Office
ACS - Implement IP Office
ACSS - SMEC (IP Office)
JNCIA-EX
JNCIA-ER
JNCIA-FWV
Convergence+  

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close