Solved

IPSec Site-to-site VPN between Sonicwall NSA3500 and Juniper SRX650

Posted on 2010-11-25
6
2,262 Views
Last Modified: 2012-08-14
Hi Experts,

Is this feasible? I could not find any documentation regarding the configuration.

Please advise.

thanks,

Jimmy
0
Comment
Question by:jimmy1829
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 34214024
yes.  review this article and see if it helps.  i've configured a VPN between a soncwall and several different other appliances, but never a Juniper.  however, there shouldn't be many differences.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=7166
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 34214050
I have site-to-site betwen a Cisco LinkSys RV02 and a Juniper NS5GT. Different boxes but site-to-site works great. You need a user object, a policy, and VPN and Autokey setting on the Netscreen. You need to check the settings carefully but it does work for me. I had to set NAT Traversal ON on the RV042 to make the connection.

... Thinkpads_User
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34214453
SRX runs JunOS, NetScreen and SSG run ScreenOS. Not quite the same, but JunOS should have more features then ScreenOS. However, I could not find any reference of someone having accomplished to get it running together.

I have been using ScreenOS against many different brands, but no Sonicwall yet. If I have difficulties, I let the other side establish a connection, and debug the messages I receive - they are almost always directing me to the required settings.

ScreenOS and JunOS are very flexible with IPSec devices. I can only recommend to set up a policy based VPN on SRX, using the same proposals as on Sonicwall, taking care of the encryption domain (Proxy ID).
0
 
LVL 18

Expert Comment

by:deimark
ID: 34214851
Qlemo is correct, SRX runs Junos and not screenos.

There is almost full feature parity between screenos and junos (with the remaining details to be ironed out soon) however, the basics of the VPN config in screenos and junos are fairly similar.

In screenos you create an IKE gateway for phase 1 and an autokey ike for the phase 2 settings.  Junos has a gate to configure under the security ike stanza for phase 1 and a vpn under the security ipsec stanza.

In short though, the VPNs are possible, if you have nay detailed questions, post her and we will do our best to answer
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 34386503
It is impossible to know if any solutions here have worked since there has been no comment from the asker. I recommend deleting the question. ... Thinkpads_User
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question