Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Is the VPN Gateway configured to use the correct outgoing Interface?



Article ID: KB4409 KB Last Updated: 10 Jun 2020Version: 6.0

How to determine if the VPN Gateway is configured for the correct outgoing Interface.


This article applies to ScreenOS 5.0 and higher.

To ensure that the outgoing VPN interface configured in phase 1 matches, perform the following steps:

  1. Open the WebUI. For more information on accessing the WebUI, go to KB4060 - Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI .

  2. From the Juniper Firewall WebUI menu, select VPNs, AutoKey Advanced, then Gateway.

  3. Locate the Gateway, and then click Edit.

  4. Following window will open, click on Advanced.

  5. In following window, examine the Outgoing Interface field, located towards the bottom of the screen, and make note of which interface is designated.

  6. View the Route Table by clicking on Network > Routing > Destination.  Look for the default outgoing static route, it is the route with in the IP/Netmask field.  Note the interface used by the default route.  In most cases, the VPN Gateway should use this same interface.

Is this the same interface as listed as the Outgoing Interface in Step 4?

Yes - Then the Outgoing Interface in the Gateway is configured correctly.  Go to Step 8 in KB9217 - How to Troubleshoot a Site-to-Site VPN That Won't Come Up and ther are No Messages In the Event Logs.

No - A new Gateway will have to be created using the correct outgoing interface.  You cannot change the Outgoing Interface once the Gateway has been completed.

Modification History:
2020-06-10: Replaced old WebUI pictures with new WebUI pictures.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search