I don't remember if the J series behaves exactly like the SRXs when it comes to IPSec, but if it is make sure to put the st0.x interface into a security zone and have a security policy allowing the traffic.
I believe that's only a requirement if you're running the enhanced services/security code on the J, but I think you have to be to get IPSec. HTH -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Bill Sandiford Sent: Wednesday, March 20, 2013 8:47 AM To: juniper-nsp@puck.nether.net Subject: [j-nsp] Help needed with IPSEC VPN on J-Series Hi All, I need some help with an IPSEC tunnel that I just can't seem to get working on a J-6350. I have been able to get the tunnels to come up, but can't seem to pass traffic over the tunnels I've done the usual things. I've created an st0.0 interface and bound it to the tunnel using the bind-interface command. I've created a static route and pointed it at the st0.0 interface. I just can't seem to get traffic to pass over the tunnel. Any help or suggestions would be appreciated. I'm also willing to put a $$$ bounty on this for anyone that is willing to help me get it working via teamviewer. Regards, Bill _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
