Hi All,
I am running into an issue I just cant wrap my head around at the moment.
At home I have a SRX300 running JUNOS 18.2R3-S2.9 which sits behind the ISP FTTH router, ports 500, 4500 and ESP are forwarded to the SRX.
I am trying to setup a VPN to the lab we have at the office, accessible by two SRX240H's running JUNOS 12.1X46-D86 in cluster mode.
For some reason I can't get the tunnel up and visible on the primary SRX240, yet the SRX300 at home thinks everything is honky dory.
HOME-SRX300:
leon@SRX300> show security ike security-associations
Index State Initiator cookie Responder cookie Mode Remote Address
8047590 UP a7e26ece934f0485 bf66d83ad27db7b2 IKEv2 a.a.a.a
leon@SRX300> show security ipsec security-associations
Total active tunnels: 1 Total Ipsec sas: 1
ID Algorithm SPI Life:sec/kb Mon lsys Port Gateway
<131073 ESP:aes-cbc-256/sha256 beec2d48 3590/ unlim - root 4500 a.a.a.a
>131073 ESP:aes-cbc-256/sha256 8005bac 3590/ unlim - root 4500 a.a.a.a
LAB-SRX240:
leon@SRX240> show security ike security-associations
node0:
--------------------------------------------------------------------------
{primary:node0}
leon@SRX240> show security ipsec security-associations
node0:
--------------------------------------------------------------------------
Total active tunnels: 0
{primary:node0}
a.a.a.a = LAB public IP address
b.b.b.b = HOME public IP address
Configs and flow sessions are attached.
Any pointers are highly appreciated 🙂
#SRX240#vpn#ike#IPSec#srx300