[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1867
  • Last Modified:

multiple address are not supported at current stage for bidirectional vpn policy


 is there a way that i can create multiple services for bidirectional vpn policy in netscreen?
0
ragot
Asked:
ragot
  • 4
  • 3
1 Solution
 
Sanga CollinsSystems AdminCommented:
You would have to make your question more specific. but in short yes you can.
0
 
ragotAuthor Commented:
sangamc : how? im using netscreen 25 firewall
0
 
Sanga CollinsSystems AdminCommented:
when logged in on the web interface. go to the policies section and click on 'edit' link for the bi directional VPN policy. In the section where you can specify service, click on multiple and add all the different services you would like to allow. You will need to do this for each direction of the VPN. in some cases i allow a completely different set of outgoing services like DNS, SMTP and HTTP than for the incoming services like HTTPS, RDP VNC

hope this helps
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
ragotAuthor Commented:
thanks sangamc : i already did that and i got the error which i posted as subject here. i have a bi directional vpn policy for untrust-trust and vice versa. hope you can give me a solution for it thanks a lot
0
 
Sanga CollinsSystems AdminCommented:
That is very strange if you already did the config as I described. If you set the VPN services to 'Any' on both incoming and outgoing policies, and enable logging on session close you should be able to see if traffic is indeed going through the VPN.

You might have a problem elsewhere so this will help track it down
0
 
ragotAuthor Commented:
yes the traffic is indeed going through the VPN, can i disable first the bi-directional vpn on trust-untrust and try to edit the bi-directional policy on untrust-trust first? then enable back the other one and edit it
0
 
ragotAuthor Commented:
it works when i unchecked modify matching bi directional policy
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now