Solved

Juniper VPN client to connect multiple Networks

Posted on 2008-09-29
Last Modified: 2012-05-05
I am using Juniper NetScreen Remote to connect to my Juniper firewall. In that particular client I can select the destination IP as "ip address", "ip range", or a "network". If I want to allow a particular user access to 2 distinct IPs that are not in a sequential range, how will I give the option? Also, if I want the user to connect to 2 separate subnets, then how will I configure the client? Any idea?
Question by:anishpeter
LVL 32

Expert Comment

by:harbor235
ID: 22616528
Typically, VPN users are trusted users and you are allowing access to a network not a single IP.
You could restrict access by creating a filter on the inside network; the only problem is that you are allowing VPN users to be assigned IPs dynamically. I guess you could create separate VPNs for each user and dynamically assign one IP; this would give you a source IP, allowing granularity with your filters and restricting a particular user to resources you determine by network or IP address. The only problem is that you need separate VPNs per user. This does not scale, but if you only need a few it would not be bad.

harbor235 ;}
LVL 1

Author Comment

by:anishpeter
ID: 22617739
In ASA, you can use a specific IP address as the source for a VPN rule. But in Juniper the VPN address is always a generic address such as "DIALUP VPN", because Juniper assigns the dynamic IP only after policy checking. But in Juniper I can use the same rule with a different IPsec tunnel for a specific IKE user. But my problem is on the client side. I use the NetScreen Remote VPN client application. In that, I can select the destination IP as "ip address", "ip range", or a "network". If I want to allow a particular user access to 2 distinct IPs that are not in a sequential range, how will I give the option? Also, if I want the user to connect to 2 separate subnets, then how will I configure the client? This is a problem on the client side, not the firewall side. Then what to do?
LVL 1

Accepted Solution

by:anishpeter
ID: 22792892
Yes. At last I found a solution myself. I can use a route-based dialup VPN in Juniper. This is a rare installation concept and solves all the problems. This is the actual VPN, in that I can take control of the VPN tunnel and user access. If anyone needs help configuring that, you can contact me.