Mailing List Archive: nsp: juniper

Multi-proxy IDS on route based VPN (SRX)

 

 



eng_mahmood48 at yahoo

Aug 29, 2012, 1:33 AM

Post #1 of 2
Multi-proxy IDS on route based VPN (SRX)

Hi

I have an SRX and want to set up a site-to-site VPN with another vendor (Cisco), but I have the following conditions:

- I have more than one site to create a VPN with.
- There are multiple subnets on each VPN tunnel.
- The private subnets are overlapping (so I have to use NAT over the VPN).

Based on this, I think that I have to go with a route-based VPN (due to the required NATing). Am I right?

If so, then I have to create multi proxy IDs for each tunnel, but it's not supported.

Is there any idea about this case?
 
Regards
Mahmoud
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


dickeypjeep at yahoo

Aug 29, 2012, 10:22 AM

Post #2 of 2
Re: Multi-proxy IDS on route based VPN (SRX)

I can think of two options: Use GRE so you don't have to worry about the
multiple proxy IDs. Not sure this would work for you with multi-site though.

You can create multiple proxy-ids using different/several phase 2 tunnels
with the same/single phase 1 gateway. This is a bit tedious, but I'd think
it could work for you.

Patrick

