On the road of creating a 3-leg perimeter with one of our customers with Forefront TMG and a Juniper SRX100 on both ends, I got some bumps that are almost solved... but one.
I have created the following situation:
Now I have the following problem:
I can ping from my hosts on the datacenter side (1) to the internal interface of the Juniper (3) but I cannot ping the hosts on the other side of the Site-to-Site VPN. The VPN is up because when I connect my laptop to the Juniper and add the rule "route add 172.16.10.0 MASK 255.255.255.0 172.30.15.1" I can access the hosts on the other side. The message on my side is "Reply from 172.30.15.253: Destination host unreachable." Did I do something wrong with the routing or is it a Juniper problem?