Am not sure what is the issue. Below is the configuration details
Cisco Config
===============
access-list 50 extended permit ip 192.168.202.0 255.255.255.224 172.16.2.0 255.255.254.0
nat (inside) 0 access-list 50
crypto ipsec transform-set strong-NEWBARRY esp-des esp-md5-hmac
crypto map welmap 25 match address 50
crypto map welmap 25 set peer 63.116.21.194
crypto map welmap 25 set transform-set strong-NEWBARRY
crypto map welmap 25 set security-association lifetime seconds 28800
crypto map welmap 25 set security-association lifetime kilobytes 4608000
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *
Juniper config
==============
show security ike
proposal NewYork-Barry-proposal {
authentication-method pre-shared-keys;
dh-group group2;
authentication-algorithm sha1;
encryption-algorithm 3des-cbc;
lifetime-seconds 86400;
}
policy ike-policy-NewYork-Barry {
mode main;
proposals NewYork-Barry-proposal;
pre-shared-key ascii-text "$9$xPaN-w2gJDjqY25Qn6At"; ## SECRET-DATA
}
gateway ike-gate-NewYork-Barry {
ike-policy ike-policy-NewYork-Barry;
address 2.2.2.2;
inactive: local-identity inet 1.1.1.1;
external-interface ge-0/0/0.0;
}
show security ipsec
proposal P2-NewYork-Barry-proposal {
protocol esp;
authentication-algorithm hmac-md5-96;
encryption-algorithm des-cbc;
lifetime-seconds 28800;
}
policy vpn-policy-NewYork-Barry {
inactive: perfect-forward-secrecy {
keys group2;
}
proposals P2-NewYork-Barry-proposal;
}
vpn VPN-Tunnel-NewYork-Barry {
vpn-monitor {
optimized;
}
ike {
gateway ike-gate-NewYork-Barry;
ipsec-policy vpn-policy-NewYork-Barry;
}
establish-tunnels immediately;
}
show security policies from-zone trust to-zone untrust
policy IPSEC-TR-BARRY-1 {
match {
source-address 172.16.2.0/23;
destination-address 192.168.202.0/27;
application any;
}
then {
permit {
tunnel {
ipsec-vpn VPN-Tunnel-NewYork-Barry;
}
}
}
}