SRX

 View Only
last person joined: 6 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  SRX 320 site-to-site VPN problem

    Posted 01-14-2017 07:03

    Hello!

     

    I have Juniper SRX 320 with JunOS version 15.1X49-D45

     

    I want configure policy based site-to-site vpn.
    But, i have problem, when i try configure security policy for this vpn i cant write permit tunnel on policy "then" block.

     

    set security policies from-zone trust to-zone untrust policy my-vpn-policy then permit tunnel pair-policy my-vpn-policy-2

     

    tunnel pair-policy my-vpn-policy-2 - no way to do this on srx 320

     

    Please, help me! how i can configure policy based vpn on my juniper srx 320?


    #SRX320
    #IPSec
    #vpn


  • 2.  RE: SRX 320 site-to-site VPN problem
    Best Answer

    Posted 01-14-2017 09:16

    Hi,

     

    Policy based VPNs are supported on the 300 series devices starting from 15.1X49-D50.

     

    http://www.juniper.net/techpubs/en_US/junos15.1x49-d50/information-products/topic-collections/release-notes/15.1x49-d50/topic-107096.html#jd0e359

     

    This can be found under New Features -> VPNs

     

    I would suggest that you upgrade the SRX to 15.1X49-D70 which is a much more stable release to use policy based VPN.

     

    The D70 image can be downloaded form the following location :-

    https://www.juniper.net/support/downloads/?p=srx320#sw

     

    Hope this helps !

     

    Regards,

    Sahil Sharma
    ---------------------------------------------------
    Please mark my solution as accepted if it helped, Kudos are appreciated as well.



  • 3.  RE: SRX 320 site-to-site VPN problem

    Posted 01-14-2017 12:09



  • 4.  RE: SRX 320 site-to-site VPN problem

     
    Posted 01-15-2017 19:13

    Hi Folks,
    I found this tool really helpfull,

    SRX & J Series Site-to-Site VPN Configuration Generator

     

     

    https://www.juniper.net/support/tools/vpnconfig/