Code:
000
000 "Remote_Office_Netscreen": 172.20.0.0/16===...===192.168.10.0/24
000 "Remote_Office_Netscreen": CAs: '%any'...'%any'
000 "Remote_Office_Netscreen": ike_life: 28800s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "Remote_Office_Netscreen": policy: PSK+ENCRYPT+TUNNEL; interface: eth3; erouted
000 "Remote_Office_Netscreen": newest ISAKMP SA: #47; newest IPsec SA: #57; eroute owner: #57
000 "Remote_Office_Netscreen": IKE algorithms wanted: 5_000-1-2, flags=-strict
000 "Remote_Office_Netscreen": IKE algorithms found: 5_192-1_128-2,
000 "Remote_Office_Netscreen": IKE algorithm newest: 3DES_CBC_192-MD5-MODP1024
000 "Remote_Office_Netscreen": ESP algorithms wanted: 3_000-1, flags=-strict
000 "Remote_Office_Netscreen": ESP algorithms loaded: 3_168-1_128,
000 "Remote_Office_Netscreen": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=
000
000 #57: "Remote_Office_Netscreen" 70.129.234.130 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 27261s; newest IPSEC; eroute owner
000 #57: "Remote_Office_Netscreen" 70.129.234.130 esp.5dd04ad@70.129.234.130 esp.671e0c14@216.60.144.250 tun.1062@70.129.234.130 tun.1061@216.60.144.250
000 #47: "Remote_Office_Netscreen" 70.129.234.130 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 484s; newest ISAKMP
000
172.20.0.0/16:0 -> 192.168.10.0/24:0 => tun0x1062@:0
I have not configured any additional packet related policies on either the netscreen or the Astaro. This is the most likely the problem, but I'm hoping someonecan tell me how to configure a policy on both ends...
This thread was automatically locked due to age.