Hi! Experts Sorry for disturbing, I want to confirm will SRX550M antivirus engine works offline? it seems SRX550M only have sophos antivirus engine presently and I found some words in Juniper KB: "Sophos antivirus uses a small set of data files that ...
I just figured it out! It was the IKE ID's. I was getting this error in the kmd logs: IPSec negotiation failed with error: Peer's IKE-ID validation failed during negotiation Because this is an AutoVPN, it needs to use certificates for authentication. ...
Thanks for the suggestion. NAT-T is on by default, and I haven't disabled it
Do you have nat traversal on in the configuration? This is required when the gateway interface address is behind a nat. ------------------------------ Steve Puluka BSEET - Juniper Ambassador IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet ...
Naturally with cross vendor connections you need to be extra careful in matching all the phase 1 and phase 2 settings. But these are the SRX side configs for route based vpn with ikev2. https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-vpns-for-ikev2.html ...