Search results for query: *

Hi John, I think I'm too tired to be thinking about this now! About to call it a night (it's 1:37am!) and look at it afresh tomorrow. The tunnel still isn't coming up and my rules don't contain any reference to 10.10.1.0/24 in the dropdown.. I can only select 'Any' and 'Dial up VPN' Thanks...

Thanks John, One last one ... Shuold 'Vodafone Handset Range #1' 10.10.1.0/24 be in VPN Group rather than Untrust?

Great stuff, trying to add the rules now... When I try to add 'Trust' to VPN', there's no tunnel interface available in the 'Tunnel' dropdown list. Nick

Here it is: set clock timezone 0 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set vrouter name "VR-NEW" id 1025 unset vrouter "VR-NEW" nsrp-config-sync set vrouter "VR-NEW" unset auto-route-export exit set service "RTP_XLITE"...

Hi John, I'm pretty sure it's a Cisco PIX on the other end. 2007-12-21 00:17:23 info IKE<212.183.134.35> Phase 2: No policy exists for the proxy ID received: local ID (<192.168.1.0>/<255.255.255.0>, <0>, <0>) remote ID (<10.10.1.0>/<255.255.255.0>, <0>, <0>). ns25-> get db str ## 2007-12-21...

Hi John, Sadly, I don't have access to the Vodafone firewall. Change requests typically take around 7 days to complete on their end. Doesn't look as if I've added a proxy-id. Could you advise as I'm not 100% sure what to put here: Proxy-ID Local IP / Netmask / Remote IP /...

Here's the output... ns25-> undebug all ns25-> get db str ## 2007-12-20 23:27:28 : IKE<212.183.134.35> ****** Recv kernel msg IDX-0, TYPE- 5 ****** ## 2007-12-20 23:27:28 : IKE<212.183.134.35> ****** Recv kernel msg IDX-0, TYPE-...

Hi John, I disabled VPN monitor and did another debug... there was no output. Is this expected? Nick

Also, I don't have access to the Voda router. Nick

The only thing I have changed in Autokey IKE is 'Bind to' from 'none' to tunnel.2 Nick

Is this any better? ns25-> get db str ## 2007-12-20 23:01:12 : IKE<212.183.134.35> ****** Recv kernel msg IDX-0, TYPE-5 ****** ## 2007-12-20 23:01:12 : IKE<212.183.134.35> ****** Recv kernel msg IDX-0, TYPE-5 ****** ## 2007-12-20 23:01:12 : IKE<212.183.134.35> sa orig index<0>, peer_id<1>. ##...

John, This is great - I can't thank you enough for your help. Here's the output from your commands. ns25-> get int tun.2 Interface tunnel.2: description tunnel.2 number 20, if_info 4176, if_index 2, mode route link ready vsys Root, zone VPN Zone, vr trust-vr admin mtu 1500...

I should point out the following error message on the Netscreen also... Vodafone end... IKE<212.xxx.xxx.35> Phase 1: Retransmission limit has been reached.

Hi John, I made that change and also set tunnel.2 to unnumbered interface (Ethernet-3 Untrust) I then re-created the two policies VPN Zone To Untrust VPN Zone To Trust I also re-added my two static routes (remote networks) 10.10.1.0 10.10.2.0 through the tunnel. I can't seem to establish...

Hi John, I have posted the config below: set clock timezone 0 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set auth-server "Local" id 0 set auth-server "Local" server-name "Local" set auth default auth server "Local" set auth...

Thanks John, I think I understand... so 10.10.1.0/24 is on the Vodafone side.. but how does it route to the private network? Did everything look OK in the config 2 posts above? Nick

I should also point out that the Vodafone end point is 212.183.xxx.xxx Our end point is 82.108.xxx.xxx I can't change the Vodafone end point or our end point in the Vodafone router easily... The Vodafone router is also configured to route 10.10.1.0/24 to 192.168.1.0/24 and 10.10.2.0/24 to...

Thanks for this John. I've completed the following ==================================== Created Zone ==================================== VPN Zone untrust-vr Root null Security(L3) ==================================== Created Tunnel ==================================== tunnel.2 0.0.0.0/0...

Hi John. Looks like it's 5.3.0 r4.0 Nick

Hi John, Thanks for taking the time to outline the steps. Just for clarity, would you mind just double checking the steps I'm taking to get me started - bear with me as I stumble around with this! 1) Create a VPN zone in Network | Zones with: Zone Type: 'Tunnel Out Zone' set to Untrust...