Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Archive] Is the VPN Gateway Configured to Use the Correct Outgoing Interface?

0

0

Article ID: KB4409 KB Last Updated: 04 Jun 2010Version: 5.0
Summary:
How to determine if the VPN Gateway is configured for the Correct Outgoing Interface?
Symptoms:

Solution:

Note: This article applies to ScreenOS 5.0 and higher.

To ensure that the outgoing VPN interface configured in phase 1 matches, perform the following steps:

 Open the WebUI. For more information on accessing the WebUI, go to KB4060 - Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI .

 From the Juniper Firewall WebUI menu, select VPNs, AutoKey Advanced, then Gateway.

Image of step two

 Locate the Gateway, and then click Edit.

Image of step three

 Examine the Outgoing Interface field, located towards the bottom of the screen, and make note of which interface is designated.

Image of step four

 View the Route Table by clicking on Network > Routing > Destination.  Look for the default outgoing static route, it is the route with 0.0.0.0/0 in the IP/Netmask field.  Note the interface used by the default route.  In most cases, the VPN Gateway should use this same interface. 

Is this the same interface as that listed as the Outgoing Interface in Step 4?

Yes - Then the Outgoing Interface in the Gateway is configured correctly.  Go to Step 8 in KB9217 - How to Troubleshoot a Site-to-Site VPN That Won't Come Up and ther are No Messages In the Event Logs.

No - A new Gateway will have to be created using the correct outgoing interface.  You cannot change the Outgoing Interface once the Gateway has been completed.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search