Solved

Enable PPTP over Juniper-NS5GT

Posted on 2010-09-05
3
1,248 Views
Last Modified: 2012-06-21
Hi Experts,

We're having difficulties with enabling PPTP (ports 1723 + GRE 47) over this unit.
We're using VIP configuration on our WAN interface, and even when using "set vip multi" - and create a custom service as described in this post (http://www.juniperforum.com/index.php?topic=3183.0), we're still receiving error 720 when trying to connect to the PPTP serve (Windows 2008 x64 std).

If this conf (PPTP) is not supported on the Juniper, is there any other VPN service which may work? Off course taking into consideration the OS VPN limitations which are: PPTP \L2TP \PSec \SSTP.

Thx in advance
0
Comment
Question by:IT_Group1
  • 2
3 Comments
 
LVL 69

Expert Comment

by:Qlemo
ID: 33606891
The port 2048 for GRE is supperflous and maybe even wrong. Just use the protocol 47 without port restrictions.
However, I suppose what you really need is to forward PPTP traffic (not GRE) to your server, and enable the PPTP ALG in NS:
 set alg pptp enable
That should allow to process the GRE traffic which belongs to a PPTP session, without having any forwarding for GRE.
0
 

Author Comment

by:IT_Group1
ID: 33606943
Sounds good, will the juniper requires restart?
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 33607270
Not at all. Only vip multi-port and very, very few other settings get active after reboot only. The ALGs can be switched on and off at any time.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Palo Alto Networks: Truly No Hit Count? 2 78
Palo Alto Networks: View Tunnel packet counts? 2 36
local DNS vendor. 4 67
Cisco ASA blocks some https sites. 27 42
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question