troubleshooting Question

Juniper SRX Site to Site VPN not working

Avatar of bominthu
bominthuFlag for Myanmar asked on
VPNHardware FirewallsInternet Protocol Security
14 Comments4 Solutions1856 ViewsLast Modified:
Hi Experts

I have never configured Site to Site VPN for Juniper srx240h2 and I have a customer that want me to setup Site to site VPN. Since I'm not familiar CLI for this Juniper SRX, I followed from this link http://www.petenetlive.com/KB/Article/0000710.htm (only for Juniper as for both Firewall are same Juniper SRX) .
I did not set "Step 3 - Additional Steps required (for Cisco ASA)" as I assume it is only required if one site is ASA.

After done, when I check in - Interface - port - S0.1 I can see it is showing UP.
And in Monitor tab - IPsecVPN- Phase 1 , also it is showing as UP.

But I cannot ping from one site to another site internal IP.
I can see policy to allow from Local subnet to remote subnet, remote subnet to local subnet is automatically added.

Software versions are as follows:
1. JUNOS Software Release [12.1X44-D15.5]
2. UNOS Software Release [12.1X44-D10.4]
Any suggestion why it cannot connect each other ? What else I can check to troubleshoot ?

Thanks
ASKER CERTIFIED SOLUTION
Faruk Onder Yerli
CTO

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 4 Answers and 14 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 4 Answers and 14 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros