And another question how can I tell to which zone the tunnel interface is bound?
-----Original Message----- From: Stefan Fouant [mailto:[EMAIL PROTECTED] Sent: Saturday, May 17, 2008 6:58 PM To: sunnyday Cc: Juniper-Nsp; [EMAIL PROTECTED] Subject: Re: [j-nsp] Netscreen vpn There is just not enough information supplied to determine the problem. Is the tunnel interface bound to the Trust zone, or the Untrust zone? If it's bound to the Trust zone and you haven't explicity blocked intrazone traffic then you don't need a policy. Are you using any other Virtual-Routers other than the Trust-VR? If so, you'll need to configure Inter-VR routing. Have you enabled ping on the Trust interface? I think it's enabled by default on the Trust interface but you might want to double check. Can you describe your configuration in more detail? Stefan Fouant On Sat, May 17, 2008 at 6:02 AM, sunnyday <[EMAIL PROTECTED]> wrote: > > > Hello I have configured a dialup vpn and successfully created the tunnel and > received ip address but I cannot manage to ping the netscreen`s > > Trust interface. The ip address the vpn has is 10.250.250.1 and the trust > interface is 192.168.10.1. I tried with static routes and policies > > With no result can you please help me out with this one? > > Thank you > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp