[129432] in North American Network Operators' Group
Re: Juniper to Watchguard IPSEC
daemon@ATHENA.MIT.EDU (rhsv6@hushmail.com)
Mon Sep 6 06:26:44 2010
Date: Mon, 06 Sep 2010 11:26:25 +0100
To: nanog@nanog.org
From: rhsv6@hushmail.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
You have not specified what sort of settings you are using (PSK vs
CERTS, algos, route-based VPN, etc.).
However, something along the following lines is working fine for me:

set ike gateway "**************" address 172.16.250.1 Main outgoing-interface "ethernet0/8" preshare "**************" proposal "pre-g2-3des-sha"
set vpn "**************" gateway "**************" replay tunnel idletime 0 proposal "g2-esp-aes128-sha"
set vpn "**************" id 0x7 bind interface tunnel.40
set vpn "**************" proxy-id local-ip 192.168.1.0/24 remote-ip 10.1.2.0/24 "ANY"

> Anyone have any experience with IPSEC between a WG Firebox and Juniper
> SRX/SSG? Running into some problems and beginning to think there might be
> some incompatibilities in their IPSEC options.
> TIA,
> Bryan