[VPN] VPN tunnel between Sidewinder 5.2.1.0.7 and Netscreen 5XP
Kokes, Tim
Tim.Kokes at AugustTech.com
Wed Apr 2 10:12:53 EST 2003
Has anyone configured a Site to Site VPN tunnel between a Sidewinder
5.2.1.0.7 and Netscreen 5XP? I've setup both peers and the SA does not like
the way netscreen is formatted the VPN communication.
Setup taken:
NETSCREEN:
VPN Tunnel:
Gateway = YYY.YYY.YYY.YYY
Static IP: XXX.XXX.XXX.XXX
"Aggressive"
Phase1 proposal = 3DES, SHA1, DH2
(pre-g2-3des-sha)
pre-share = XXXXXX
AutoIKE:
Name = NT1-FW2
Remote gateway = FW2
Phase2 proposal = 3DES, SHA1, DH2,
(nopfs-esp-3des-sha)
Policy:
NAME: NT1-FW2
Source, JAMACA (172.20.100.0)
Destination, BLM.Corp (10.10.0.0)
Service, ANY
NAT, OFF
Action, Tunnel
"Check modify incoming VPN policy"
Sidwinder:
SA Netscreen-DSL-PRESHARE
Local subnet = 10.10.0.0 /16
Remote = 172.20.100.0 /24
VPN Tunnel:
Pre-Share Secret = XXXXXXX
Accept = 3DES - SHA1
Phase1 = 28800 TTL 3DES, SHA1, DH2
Phase2 = 3600 TTL 3DES, SHA1,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20030402/2cca1659/attachment.htm
More information about the VPN
mailing list