I need some help with setting up a subnet and a VPN using a Netscreen ns25, any help would be vastly appreciated.
- posted
18 years ago
I need help with a Netscreen NS25.
Loading thread data ...
- Vote on answer
- posted
18 years ago
What help do you need on this? Have you had a look at
formatting link
- Vote on answer
- posted
18 years ago
Log into your support page and download the "Concepts and Examples" guide. It's over 300 pages and leads you through things like that.
In short you will:
- Make a remote network address object in the untrust zone
- Make a local network address object in the trust zone.
- Create matching phase 1 proposals both sides
- Create maching phase 2 proposals both sides
- Create a trust -> untrust policy from the local to the remote network with Encrypt as the action, bound to your phase 2 from step 3.
- Create an untrust -> trust policy from the remote network to the local network with encrypt as the action, bound to the phase 2 from step 3.
That's for policy based. If you want route based...
0,1,2 as above- create an unnumbered tunnel interface
- create the phase 2 proposals bound to the tunnel interface created in step 3. Specify proxy ID's of remote and local subnets.
- create a route for traffic bound for the remote network exiting on the tunnel.1 interface you created
- Create permit and deny policies as desired for traffic going to and from remote and local subnets.
-Russ.