Configuring an L2TP Over IPSec Tunnel on Juniper SSG520

Posted on 2010-09-17
Last Modified: 2013-11-21
I am trying to create an L2TP Over IPSec Tunnel on a Juniper SSG520 Firewall.  I have been following this document: and it is still not working.  I am not seeing any traffic even going to the "Dial Up VPN" policy.  My ultimate goal is to get mobile devices (iPhones, iPads, Android devices) connected to the VPN to be able to remote desktop computer/servers inside our network.  Has anyone done this before?  Or is there a better way to accomplish this?
Question by:NorthAmerican
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 37

Expert Comment

by:Jian An Lim
ID: 33721310
mobile devices (iPhones, iPads, Android devices) connected to the VPN to be able to remote desktop computer/servers inside our network

I will strongly recommend not to go down with SSG VPN. they are more design to staticly assign.
If you want to get mobile device, I will recommend to use Juniper SA2500. These devices are clear cut and have much granular access to the network.

since you have relationship with Juniper, you should get a demo device from them to try out.


Author Comment

ID: 33725197
We also have an F5 firepass 1200 VPN appliance, but have not figured out how to get that to work with mobile devices, which is why we decided to try with the SSG520.  Is there a way to make it work better with the F5 vpn appliance?

Author Comment

ID: 33725232
Side note:  We are able to log into the vpn from mobile devices, but iPads, iPhones, and adroid devices are not able to download the necessary files to make remote desktop possible.
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

LVL 37

Expert Comment

by:Jian An Lim
ID: 33730266
do iPhones, iPads, Android devices have java running?

i believe juniper SA (and maybe f5) use java as thier platform to make remote desktop possible.

from what my experience, i can't even get Mac to get a remote desktop because it lack of java.

Author Comment

ID: 33736071
No, I don't believe they run java.  I was thinking somewhere along the lines of creating a tunnel from the mobile devices to either the Juniper SSG520 or Firepass 1200 so that these devices can then use their own apps to log into computers on the network.
LVL 37

Expert Comment

by:Jian An Lim
ID: 33739223
good luck on that then.

i think i have exhausted my part.

If you SSG is under maintenance, give JTAC a call and let them sort out for you.

Accepted Solution

NorthAmerican earned 0 total points
ID: 33861140
I'm going to try posting a different question about this same problem to see if anyone has successfully connected an ipad, iphone, and android device with a sonicwall.  That may be the route we end up going.

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Know what services you can and cannot, should and should not combine on your server.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question