Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] "vpn vpn_name is on zone zone_name.vpn invalid or not exist" error in CLI

0

0

Article ID: KB29517 KB Last Updated: 24 Sep 2014Version: 1.0
Summary:

This article describes the following error that appeared in the CLI:

vpn vpn_name is on zone zone_name.vpn invalid or not exist

Symptoms:

When configuring a Policy-based VPN that crosses from a source zone to a destination zone, an attempt to bind the policy to the VPN resulted in the following error in the CLI:

vpn vpn_name is on zone zone_name.vpn invalid or not exist

Cause:

The error message is encountered if the outgoing interface of the VPN is on a zone that is different from the source/destination zone used in the Policy.

For example, if the outgoing interface of the VPN is on Untrust zone, the VPN can bind only to a policy whose source/destination zone is on Untrust zone.

Note: In the Web UI: If the outgoing interface of the VPN is on a zone (for example, Untrust) that is different from the source/destination zone used in the Policy (for example, DMZ to Trust), this particular VPN will be absent from the drop-down list in the Policy.

Solution:

Ensure that the source zone or the destination zone of the VPN policy is the same as the zone of the outgoing interface of the corresponding VPN.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search