?
Solved

Juniper VPN client to connect multiple Networks

Posted on 2008-09-29
3
Medium Priority
?
1,615 Views
Last Modified: 2012-05-05
I am using juniper Netscreen remote to connect to my Juniper firewall. In that particular client I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client? any idea?
0
Comment
Question by:anishpeter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22616528
Typically, VPN users are trusted users and you are allowing access to a network not a single IP.
You could restrict access by creating a filter on the inside network, the only problem is that you are allowing VPN users to be assigned IPs dynamically. I guess you could create seperate VPNs for each user and dynamically assign one IP, this would give you a source IP allowing granularity with your filters restricting a particular user to resources you determine by network or IP address. Only problem is that you need seperate VPNs per user. This doe snot scale but if you lnly need a few it would not be bad.

harbor235 ;}
0
 
LVL 1

Author Comment

by:anishpeter
ID: 22617739
In ASA, u can use the source as specif IP addess for VPN rule. But in Jubiper VPN addess is always a generic address as"DIALUP VPN" because Juniper assign Dynamic IP only after policy checking. But in Juniper I can use the same rule with different IP sec tunnel for specific IKE user. But my problem is in the client side. I use Netscreen Remote VPN client Application. In that ,I can select destnation IP as "ip address", "ip range", or a "network" . If I want to allow the particular user to 2 distict IP's that are not in sequence range, how will I give the option? Also if I want the user to connect two 2 seperate subnets, then how will i configure the client?  This is the problem in client side, not firewall side. then what to do?
0
 
LVL 1

Accepted Solution

by:
anishpeter earned 0 total points
ID: 22792892
Yes.. At last I found a solution myself. I can use Route basd Dialup VPN in Juniper. This is a rare installtion concept and solve all the problems. This si the actual VPN, that I can take control of the VPN tunnel and user access. If any one need help to configure that u can contact me.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question