Policy VPN on Juniper 520

I receive an error stating I can't add multiple services or address to the existing policy VPN. However, when I created a separate policy for the new subnet it shows active up. Why can't I just add the new subnet to the existing VPN rule on both sides? i.e. policy untrust to trust scr dst service any action tunnel is the existing policy. I want to add subnet to this policy. Is this allowed?
Who is Participating?
dpk_walConnect With a Mentor Commented:
When you are trying to add subnet are you using host/network object; one network object can also encapsulate other objects; if yes, then this should work.

Please provide more details, or smoe sanitized screenshot/log as applicable.

Thank you.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.