SetupVPN



  • Hello
    I use netscreen 5gt
    I opened the port tcp 1723 from objects –-> custom .

    but i cant connect through vpn . what steps i have to do in order to get vpn connection.
    note: im in dubai , my pc should be the server , and the other branch in moncao should connect to my server.

    regards
    hashem



  • No need to block anything on the screen options. For port forwarding look into configuring a VIP. Refer to C&E guides for examples of how to configure a VIP.
    http://www.juniper.net/techpubs/software/screenos/

    You also may want to enable vip multiport before you begin. This is done via CLI:

    set vip multi-port

    Note: this will require a reboot.



  • hello
    should i stop any option from the untrested zone in the screening menu .

    and how can i forward the port to a computer on my network , for example
    i want to forward port 1723–-- to computer ip 192.168.1.119

    regards



  • That depends on which software version you have loaded. In later versions you should have a predefined service for PPTP which covers both the TCP 1723 and the GRE. Otherwise you need to create a custom service for IP proto 47.

    Example:
    set service GRE protocol 47 src-port 1-65535 dst-port 1-65535



  • thx
    but how to setup GRE

    regards



  • I assume you mean PPTP. You also need to allow IP protocol 47 which is for GRE. Note that this is IP protocol 47 and not TCP/UDP port 47.


 

35
Online

38.4k
Users

12.7k
Topics

44.5k
Posts