Testing ISA 2004 with Netscreen

Posted on 2004-11-17
Last Modified: 2013-11-16
I need to setup a site to site ipsec (pre shared key) tunnel between my compamy and one of our suppliers. We are running MS ISA 2004, they are running Netscreen (screenOS 3.1)

Before i contact them to initiate testing, i would like to test the site to site link myself.

Can anybody give me advice on how to set up a aite to site link in a lab?

Would i need 2 ISA severs, or can i use 1 server and 1 workstation?

I read somewhere, for ISA and Netscreen to connect, ISA needs to initiate the tunnell, hwo would i get ISA to do this?

Thanks for your help.
Question by:beplas
    LVL 9

    Accepted Solution

    the tunnel is initiated by whomever tries to connect first as far as netscreens are concerened.

    if you want the ISA server to initiate send the traffic from there first :)\

    You can also create a preshare key with the software NSR (netscreen remote) client. so you can vpn from your computer ( or any NSR client) to the vpn as long as you have it set up correctly. use can test the preshare with that.

    I can't help with the ISA... sorry.

    hope it helps/
    LVL 1

    Expert Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now