Static route on the local systems for the remote ‘main’ firewall/internet via the local IP of your local Juniper, and a default gateway on local systems pointing to that remote main firewall ?
Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Friday, September 17, 2010 7:16 AM To: NT System Admin Issues Subject: Juniper VPN Tunnel Query I’m testing a VPN tunnel between what will be two sites. I have the tunnel working just fine between Site A and Site B using a route based VPN, however what I want to do is configure it so that in Site B any traffic for 0.0.0.0 goes over the tunnel so it goes out to the Internet via our main firewall/internet connection. I’m struggling a little on how to configure the Juniper (an SSG running ScreenOS 6.3.x) to do this as its default gateway for 0.0.0.0 is of course the router to the ISP. Thanks. _____ MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
