Hello, I have recently swapped out a Cisco ASA with a Juniper SSG due to some problems with SIP on the ASA. The Juniper has been working really well with SIP but I have some problems with the VPN which I am trying to resolve. We have hundreds of dialup IPSEC VPN users who authenticate using RADIUS. The problem is that they keep on getting disconnected or having problems connecting. When I go and monitor the VPN's in the GUI I get the following...
Dialup_VPN 0000817b -1/-1 <IP> AutoIKE Active Down Dialup_VPN 0000816d -1/-1 <IP> AutoIKE Active Down Dialup_VPN 00008176 -1/-1 <IP> AutoIKE Active Down Dialup_VPN 0000816b -1/-1 <IP> AutoIKE Active Down Dialup_VPN 0000814b -1/-1 <IP> AutoIKE Active Down Dialup_VPN 0000817a -1/-1 <IP> AutoIKE Active Down Dialup_VPN 0000816a -1/-1 <IP> AutoIKE Active Down Where we see the tunnels are active but the link is down.. The users then appear to be unable to reconnect. Is there a way to automatically flush the credentials/sa etc so that when they disconnect they are able to log back in again? Where can I go for trying to debug this stuff more easily? Any advice would be really appreciated. Regards, Jimmy. _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
