Pretty sure policy-based VPN was unsupported for a short period during
the transition from older code and hardware to the newer, but should be
back in 15.1X49-D50, though I do not know the version of the current
trial software available for download.
-C
On 07/15/2016 12:28 AM, Jed Laundry wrote:
Hi Folks,
I'm looking at converting our aged hardware SRX's onto vSRX, but I
seem to have hit a big scary warning when staging config for
policy-based VPNs, see below:
security {
policies {
from-zone zone-lab to-zone zone-internet {
policy policy-test-ipsec {
match {
source-address addr-lab-testbox;
destination-address addr-remote-testbox;
application any;
}
then {
permit {
##
## Warning: configuration block ignored:
unsupported platform (vsrx)
##
tunnel {
ipsec-vpn vpn-remote;
}
}
}
This is vSRX 15.1X49-D40.6 on VMware. It's just the trial version, I
haven't bought a licence yet.
I haven't yet been able to test if this does or doesn't work (next
week), but the warning doesn't look good.
Is anyone else using vSRX with policy-based VPNs?
Is there something fundamental that I've missed, or a configuration
tweak necessary to convert 12.1 config to 15.1?
Thanks,
Jed.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
