ScreenOS to PAN VPN?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ScreenOS to PAN VPN?

L4 Transporter

Tomorrow I intend to try and get a Juniper SSG talking to our PAN so I can have a VPN tunnel between two sites.

The PAN is already configured using the defaults in the example PDFs on the knowledge base.

Does anyone know if there are any specifics that need to be configured on the SSG?

There are a few examples in the ScreenOS manual and I'm hoping it's a case of follow and adapt, but I'm not that knowledgeable about IPSEC VPNs and all the IKE1 and IKE2 fundamentals so if there are any tips and tricks I'd be grateful.

Thanks.

2 REPLIES 2

L4 Transporter

Make sure you have the following on the SSG

1) To match the defaults on PAN OS, make sure that you use security level of standad for both Phase1 ( ike) and Phase 2( IPSec) for the propo sals on the SSG.S.

2) Use route based VPN on the ScreenOS

Brilliant thank you.

I found a scenario in Chapter 4 of the ScreenOS guide that looks more or less identical to what I want to do (obviously they have ScreenOS on both sides) so hopefully I can follow that and just change the IP's.

Route based was what I assumed I wanted as in this case we want to simply fire anything for 0.0.0.0 from in the site behind the ScreenOS over the VPN tunnel.

  • 2381 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!