Juniper to Cisco VPN

In order for a VPN to work between Cisco and Juniper, each subnet needs to be defined on the Juniper firewall as a proxy-id. The juniper firewall also requires “policies” to be created to allow all of this traffic. Two policies are necessary for each local to remote subnet – one for each direction the ...

Juniper ScreenOS troubleshooting

Traffic flow debugging This is the most common way that I have set up debugs to determine what is happening to the traffic: set ff src-ip [source ip] dst-ip [dest ip] clear dbuf debug flow basic get db stream The first line (set ff…) is not necessary, but is very useful to limit the debug ...