Solved

Juniper VPN client to connect multiple Networks

Posted on 2008-09-29
3
1,609 Views
Last Modified: 2012-05-05
I am using juniper Netscreen remote to connect to my Juniper firewall. In that particular client I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client? any idea?
0
Comment
Question by:anishpeter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22616528
Typically, VPN users are trusted users and you are allowing access to a network not a single IP.
You could restrict access by creating a filter on the inside network, the only problem is that you are allowing VPN users to be assigned IPs dynamically. I guess you could create seperate VPNs for each user and dynamically assign one IP, this would give you a source IP allowing granularity with your filters restricting a particular user to resources you determine by network or IP address. Only problem is that you need seperate VPNs per user. This doe snot scale but if you lnly need a few it would not be bad.

harbor235 ;}
0
 
LVL 1

Author Comment

by:anishpeter
ID: 22617739
In ASA, u can use the source as specif IP addess for VPN rule. But in Jubiper VPN addess is always a generic address as"DIALUP VPN" because Juniper assign Dynamic IP only after policy checking. But in Juniper I can use the same rule with different IP sec tunnel for specific IKE user. But my problem is in the client side. I use Netscreen Remote VPN client Application. In that ,I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client?  This is the problem in client side, not firewall side. then what to do?
0
 
LVL 1

Accepted Solution

by:
anishpeter earned 0 total points
ID: 22792892
Yes.. At last I found a solution myself. I can use Route basd Dialup VPN in Juniper. This is a rare installtion concept and solve all the problems. This si the actual VPN, that I can take control of the VPN tunnel and user access. If any one need help to configure that u can contact me.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question