Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Juniper VPN client to connect multiple Networks

Posted on 2008-09-29
3
Medium Priority
?
1,622 Views
Last Modified: 2012-05-05
I am using juniper Netscreen remote to connect to my Juniper firewall. In that particular client I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client? any idea?
0
Comment
Question by:anishpeter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22616528
Typically, VPN users are trusted users and you are allowing access to a network not a single IP.
You could restrict access by creating a filter on the inside network, the only problem is that you are allowing VPN users to be assigned IPs dynamically. I guess you could create seperate VPNs for each user and dynamically assign one IP, this would give you a source IP allowing granularity with your filters restricting a particular user to resources you determine by network or IP address. Only problem is that you need seperate VPNs per user. This doe snot scale but if you lnly need a few it would not be bad.

harbor235 ;}
0
 
LVL 1

Author Comment

by:anishpeter
ID: 22617739
In ASA, u can use the source as specif IP addess for VPN rule. But in Jubiper VPN addess is always a generic address as"DIALUP VPN" because Juniper assign Dynamic IP only after policy checking. But in Juniper I can use the same rule with different IP sec tunnel for specific IKE user. But my problem is in the client side. I use Netscreen Remote VPN client Application. In that ,I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client?  This is the problem in client side, not firewall side. then what to do?
0
 
LVL 1

Accepted Solution

by:
anishpeter earned 0 total points
ID: 22792892
Yes.. At last I found a solution myself. I can use Route basd Dialup VPN in Juniper. This is a rare installtion concept and solve all the problems. This si the actual VPN, that I can take control of the VPN tunnel and user access. If any one need help to configure that u can contact me.
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question