Firewall Wizards mailing list archives

Re: VPN Problems between WatchGuard Firebox 700 and Netscreen 5


From: Jason <jason () jasonandjessi com>
Date: Tue, 2 Mar 2004 15:09:07 -0600 (CST)

Are you using a policy based vpn or route based vpn on the Netscreen?
What version of screenos are you running on the 5?

-- 
       Jason
www.jasonandjessi.com
It gimme the jibblies

On Tue, 2 Mar 2004, David Kison wrote:

Good Morning.

I am currently experiencing problems getting an IPSEC VPN between a WatchGuard Firebox
700 and a Netscreen 5 functioning in both directions.  I am able to pass
traffic from behind the Firebox to the remote network and get a return but
if I attempt to pass traffic from behind the Netscreen 5, I am 100%
unsuccessful.  In the traffic logs on the WatchGuard, I am seeing denies
related to spoofed source packets on the IPSEC "interface".  It appears that
the Netscreen is passing the public address of the firewall instead of the
private address of the initiating system behind the Netscreen.  Both
firewalls are NATing private Class C networks.

I am out of ideas on the issue.  Has anyone seen a similar issue?  Any
solutions?

Thanks in advance.

Dave

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
