Solved

multiple address are not supported at current stage for bidirectional vpn policy

Posted on 2010-09-17
7
1,727 Views
Last Modified: 2013-11-16

 is there a way that i can create multiple services for bidirectional vpn policy in netscreen?
0
Comment
Question by:ragot
  • 4
  • 3
7 Comments
 
LVL 18

Expert Comment

by:Sanga Collins
Comment Utility
You would have to make your question more specific. but in short yes you can.
0
 

Author Comment

by:ragot
Comment Utility
sangamc : how? im using netscreen 25 firewall
0
 
LVL 18

Expert Comment

by:Sanga Collins
Comment Utility
when logged in on the web interface. go to the policies section and click on 'edit' link for the bi directional VPN policy. In the section where you can specify service, click on multiple and add all the different services you would like to allow. You will need to do this for each direction of the VPN. in some cases i allow a completely different set of outgoing services like DNS, SMTP and HTTP than for the incoming services like HTTPS, RDP VNC

hope this helps
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:ragot
Comment Utility
thanks sangamc : i already did that and i got the error which i posted as subject here. i have a bi directional vpn policy for untrust-trust and vice versa. hope you can give me a solution for it thanks a lot
0
 
LVL 18

Expert Comment

by:Sanga Collins
Comment Utility
That is very strange if you already did the config as I described. If you set the VPN services to 'Any' on both incoming and outgoing policies, and enable logging on session close you should be able to see if traffic is indeed going through the VPN.

You might have a problem elsewhere so this will help track it down
0
 

Author Comment

by:ragot
Comment Utility
yes the traffic is indeed going through the VPN, can i disable first the bi-directional vpn on trust-untrust and try to edit the bi-directional policy on untrust-trust first? then enable back the other one and edit it
0
 

Accepted Solution

by:
ragot earned 0 total points
Comment Utility
it works when i unchecked modify matching bi directional policy
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now