Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 6215 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM9 to Juniper SRX 100

Shway
I am having an issue connecting a Juniper SRX 100 to a Sophos UTM9 AWS instance. 

I am very new to Sophos and am unsure how to even get the output for the IPSEC tunnels. Please help!!


This thread was automatically locked due to age.
Parents
  • 0
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: sent MR3, ISAKMP SA established
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #3: responding to Quick Mode
     2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: received Delete SA payload:

    You see that the clue was after the long log that you first posted.

    Quick and dirty so that you don't have to make changes in the Juniper - assuming that it has its public IP on the interface that's the VPN endpoint... Change the Remote Gateway definition to "Respond only."  On the 'Advanced' tab of 'IPsec', confirm that 'Enable probing of preshared keys' is checked.  Any luck?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: sent MR3, ISAKMP SA established
    2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #3: responding to Quick Mode
     2013:06:26-09:36:51 AMZN-VPN001 pluto[21517]: "S_AllStream - Juniper" #2: received Delete SA payload:

    You see that the clue was after the long log that you first posted.

    Quick and dirty so that you don't have to make changes in the Juniper - assuming that it has its public IP on the interface that's the VPN endpoint... Change the Remote Gateway definition to "Respond only."  On the 'Advanced' tab of 'IPsec', confirm that 'Enable probing of preshared keys' is checked.  Any luck?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML