Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hi,Could you please help me with advice. I'm not professional with Juniper (at least not yet :)) and faced with following problem.I have SRX345 on my platform, and I decided to configure vpn connection for remote user using Secure Connect. As installation guide I used next video: https://www.youtube.com/watch?v=uB54u-4cFGo repeating everything step by step as in video. And as result after performing all configurations as in video I successfully connected to my SRX345 using windows and iphone Secure Connect clients.But! Next day this installation stopped work. Client showed:
The reboot of SRX solves the problem for some time (I can't say for what period, for hour or few hours), but after the issue with connection back.And, it's doesn't matter if I try to connect to SRX after reboot or not, after expiration of some time connection is impossible. I tried to catch HTTPS packets when connection establishing successfully and when not using 'security flow traceoptions' on SRX and found that session is blocking by plugin junos-remote-access-gw:Nov 12 16:04:52 16:04:52.522733:CID-0:RT:[JSF]Normal interest check. regd plugins 44, enabled impl mask 0x0
Nov 12 16:04:52 16:04:52.522733:CID-0:RT:get NULL sess plugin info 0xd3849e8
Nov 12 16:04:52 16:04:52.522733:CID-0:RT:+++++++++++jsf_test_plugin_data_evh: 3
Nov 12 16:04:52 16:04:52.522733:CID-0:RT: plugin junos-remote-access-gw(42) aborted sess creation. rc 6
Nov 12 16:04:52 16:04:52.522733:CID-0:RT: packet dropped, plugin interest check failed
Nov 12 16:04:52 16:04:52.522733:CID-0:RT:flow_initiate_first_path: first pak no session
Nov 12 16:04:52 16:04:52.522733:CID-0:RT: flow find session returns error.
What could be the reason for this issue?
In addition I don't have any problems or warnings during the configuration using CLI, but see warning ' Adding Global address is not allowed, when zone based address is defined ' on j-web when try to check the configuration of VPN there.
I'm actually using the public interface on the interface which faced to Internet. And I can't find some restriction about that in documentation for Secure Connection.
Thank you very much in advance for your ideas!
Thank you for your advice.
I've forgotten to say in my publication with problem description that I have SW 20.1 R1.12 on my SRXes.
I've found almost the same reported issue in the 'Problem Report Search' (PR1571326).
I'll do the SW upgrade to the latest version and check again.
Thank you, it was really problem with soft. I've updated SW to 21.3R1.9 and don't see the issue with SecureConnect VPN connection at least for now.
Could you please help with advice which vpn client should I use for Linux machines to use Secure Connect VPN. There is no Linux clients app for downloading from juniper web site.