Policy based VPNs and multiple services



  • Hi,
    I need to set up a bidirectional VPN restricted to specified services and am getting the error as described here, which I sort of understand:
    http://kb.juniper.net/InfoCenter/index?page=content&id=KB5735&cat=NS_5200&actp=LIST

    My question is: it suggests all IP services are allowed through the VPN, but as it still allows me to set up the policy, will services not specified in the group still be dropped at the FWs? I.e. whilst technically anything is allowed within the VPN, it will still actually be blocked at either end of that VPN? If not, it shouldn’t really let me set up a rule that's technically misleading, should another admin look at the config and take the policies at face value…
    Apologies if I’ve misunderstood what’s going on here - any thoughts/advice gratefully received!


 
