[129391] in North American Network Operators' Group
Re: Juniper to Watchguard IPSEC
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Sep 3 20:19:17 2010
From: Owen DeLong <owen@delong.com>
To: Iain Morris <iain.t.morris@gmail.com>
In-Reply-To: <AANLkTi=jANpoxB+DtT=BwGOLjvyExGPs6fKHPW=Kb0i0@mail.gmail.com>
Date: Sat, 4 Sep 2010 09:46:43 +0930
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sent from my iPad
On Sep 4, 2010, at 6:50 AM, Iain Morris <iain.t.morris@gmail.com> wrote:
> On Fri, Sep 3, 2010 at 10:03 AM, Welch, Bryan =
<Bryan.Welch@arrisi.com>wrote:
>=20
>> Anyone have any experience with IPSEC between a WG Firebox and =
Juniper
>> SRX/SSG? Running into some problems and beginning to think there =
might be
>> some incompatibilities in their IPSEC options.
>>=20
>=20
>=20
>> Not WG but I had trouble getting a SSG to talk to a Cisco until I =
realized
>> the SSG (ScreenOS) has to have a proxy-id defined, which the Cisco =
required
>> to complete the SA. But perhaps you're using Junos on your SSGs if =
you're
>> talking SRX as well.
>=20
>=20
Same requirement in JunOS as well.
Owen
> -Iain
