This article describes the issue of the SRX device, which has configured VPN with SHA2 in the IPsec proposal, being unable to decrypt the encrypted traffic; even though it has established the VPN tunnel. Junos and SSG have two generations of SHA2-256 algorithms; the first one uses the 96 bit-length data field and the second one uses the 128 bit-length data field. Due to … [Read more...]
Dynamic VPN tunnel goes down at random and prompts for user name and password
Pulse VPN for SRX disconnects randomly and prompts for user name and password again. Pulse is disconnected on its own. It prompts for user name and password again. The Pulse VPN tunnel goes down and connectivity toward the remote network also fails. In Windows system, with Pulse debug log, we can see the following log message sequence. These log messages are collected in … [Read more...]
Junos Pulse for Android does not display the ‘Intranet’ link when connected to a VPN tunnel on a device running Android 4.0 and later
This article explains why Junos Pulse for Android does not display the Intranet link when connected to a VPN tunnel on a device running Android 4.0 and later. The Intranet link is not displayed by the Junos Pulse for Android application, when connected to a VPN tunnel on a device running Android 4.0 and later. This issue will occur when the following conditions are … [Read more...]
Can an IPsec VPN tunnel be terminated when the external interface belongs to a routing instance?
Unable to terminate an IPSec VPN tunnel, when the external interface belongs to a routing-instance. Assume the following: Ge-0/0/2 is the external interface with the 1.1.1.2/30 IP address. Remote IPSec peer is 2.2.2.2. You want to route traffic from the 10.10.10.0/24 virtual router LAN to the 10.10.20.0/24 remote LAN. Both the internal LAN and external Internet … [Read more...]