Netscreen10-VPN
L. David Leija
ldl1971 at HOTMAIL.COM
Wed Mar 7 20:04:55 EST 2001
Labsetup Visual Description:-
[Host1]-{Lan1}-[Netscreen1]-{VPN_Over_X-Over_Cable}-[Netscreen2]-{Lan2}-[Host2]
Labsetup Verbal Description:-
2 Netscreen boxes with their untrusted interfaces connected with a
cross-over cable.
Hosts each are connected to the trusted inteface of each Netscreen box.
Manual Key VPN configured between LAN1 and LAN2
What works:-
I can ping from Host2 to the untrusted interface of Netscreen1
I can ping from Host2 to the trusted interface of Netscreen1
I can ping from Host2 to the interface of Host1
I can telnet from Host2 to the interface of Host1
What doesn't work:-
I cannot ping from Host1 to the untrusted interface of Netscreen2
I cannot ping from Host1 to the trusted interface of Netscreen2
I cannot ping from Host1 to the interface of Host2
I cannot telnet from Host1 to the interface of Host2
Additional:-
I haven't noticed anything that obvious in the Netscreen routing tables. If
there were a routing problem, I doubt the icmp replies would find thier way
back to Host2 on pinging Host1. Is there some policy issue that I'm missing?
I can't understand why only 1/2 of the tunnel works. That just doesn't make
any sense. TIA
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list