Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6319
  • Last Modified:

replacement for Netscreen Remote VPN

Since Netscreen remote VPN software is at the end of life, and will not support Windows 7 I need to find a replacement product.  I have a screen 5GT that  is working fine and I don't want to replace the hardware but I need VPN connectivity to my WinServ 2003 machine.  
The VPN features that I need most are drive mapping to the remote server folders so that my users can easily access the shared data.  Netscreen worked great for this.....
Any suggestions greatly appreciated.
0
JSTechinLA
Asked:
JSTechinLA
  • 4
  • 3
  • 2
  • +3
1 Solution
 
Justin OwensITIL Problem ManagerCommented:
Are you looking for a software or hardware solution to your VPN need?

Justin
0
 
Lieven EmbrechtsSenior IT ConsultantCommented:
Other known software vpn clients (like NCP Secure Client, Shrew Soft client, the Green Bow ipsec client) are all reported to give the same problems on the new Windows 7.  The same happens with wireless internet usb sticks, the software is often incompatible with win7.

If you only need 1 user to access the 2003 server through a vpn-tunnel, you could buy a second-hand 5GT and create a lan2lan tunnel : in this way it doesn't matter if your pc already runs Win7.
 
If you have many remote-vpn users i'm afraid you will have to migrate to a new solution over time. A client-less ssl-vpn solution would be a step forward.
0
 
MRrepair2002zCommented:
Id recommend a SonicWALL SSL-VPN 2000, this device gives you the option to configure network paths by user permission, and web based VPN one click installs.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
MRrepair2002zCommented:
0
 
srappaportCommented:
I am having very good success using Shrew Soft VPN Client. (www.shrew.net).  It's free and I've been using it with multiple Juniper/Netscreen firewall models.  I found this client because I was in the same situation as you... EOL of Netscreen Remote and newly installed Windows 7 machines.
0
 
JSTechinLAAuthor Commented:
srapport-
Shrew looks like what I need.  I currently authenticate using email address but I don't see that option for Shrew.  Will I need to reconfigure my netscreen for a different policy type?
0
 
srappaportCommented:
You shouldn't have to reconfig the Netscreen.  In the Shrew client, set the Local Identity to User Fully Qualified Domain Name and enter the email address as it is set up in the Netscreen in this field.
0
 
JSTechinLAAuthor Commented:
Ok, now it is asking for a "Valid Certificate file name"  I think it just wants to save this configuration, but I can't find any tab that will let me enter this information.
0
 
srappaportCommented:
Not sure how your Netscreen VPN is set up, but mine are set with preshared keys, not certs, so on the Authentication tab in Shrew client, Auth Method would say Mutual PSK, and then enter the key on the Credentials sub-tab.

For more info, there is also a Juniper/Netscreen how-to for Shrew at http://shrew.net/support/wiki/HowtoJuniperSsg
0
 
JSTechinLAAuthor Commented:
Looks good.  It will just take a lot of configuring. VPN's are not my strong suit.
0
 
srappaportCommented:
Just make sure you match the phase 1, phase 2, and policy settings on both sides.  Some of the terminology may be slightly different between the Netscreen and Shrew settings, but the link I provided should give you a pretty good idea of where to match the settings on the client side.
0
 
BillyBob_nomatesCommented:
Hi Guys,

I have managed to get around this -
Make sure you disable any other VPN that is running or set it to manual

Make sure the local administrator account is enabled
Restart and login with this account (Administrator)

Turn off UAC

Now change the compatible mode of the setup.exe
Change the settings for all users - to run as administrator and choose the option for XP - SP3

Now install and restart.

Now import any certificate that is require etc

By default the Safenet IKE service will not start - so go to services.msc and start the service.

Enjoy/


0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now