The steps below provide assistance with troubleshooting a box-to-box NetScreen VPN configuration.
Need help troubleshooting my NetScreen device.
Solution:
Follow the Question/Answer links below for assistance with troubleshooting a box-to-box NetScreen VPN:
Purpose:| Step 1 |
Can you PING the remote firewall public interface IP Address? [How do I do this?] |
If [Yes], go to Step 2 |
| If [No], go to Step 4 | ||
| Step 2 |
Can you perform an extended PING from the trust network to the remote gateway's trust interface? [How do I do this?] |
If [Yes], go to Step 3 |
If [No], view the event log entries for the VPN and consult the following links for further assistance:
|
||
| Step 3 |
Consult the following links for additional assistance: |
|
| Step 4 |
Is PING management enabled on the public interface of the firewall? |
If [Yes], go to Step 5 |
| If [No], Click the appropriate interface for instructions on how to enable the functionality on the Public Interface or Trust Interface. | ||
| Step 5 |
Is there a route defined in the Virtual Router? The route should be defined on both firewalls to which the appropriate zone and public interface are bound. [How do I check this?] | If [Yes], go to Step 6 |
| If [No], Configure a route to the Virtual Router. |
||
| Step 6 |
Can you PING the gateway IP that is defined in the route to the remote firewall? [How do I do this?] |
If [Yes], go to Step 7 |
| If [No], consult the following article for additional assistance: |
||
| Step 7 |
Can you PING any other public IP address? [How do I do this?] |
If [Yes], consult the following article for additional assistance: |
| If [No], Verify connectivity with your ISP |
Troubleshooting
