Host access via VPN to non-gateway SSG

JuniperForum.com

July 29, 2010, 07:47:36 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: If you have an interesting idea for an article or knowledgebase entry, please submit it!

Home

Help

Latest Knowledgebase Articles

How to run the NSM GUI under Mac OS X
How to setup a route-based VPN on a NetScreen
How to make your PPTP VPN client work through a NetScreen/SSG
Setting up a dial-up VPN and NetScreen Remote
How the Global Zone Works (It's probably not what you think)
How to configure NetScreen/SSG devices to work with the built in Mac OS X VPN client
How to Configure Dial-up VPN with route-based tunnels, XAuth, and use IPSecuritas

JuniperForum.com > Security > NetScreen and SSG VPN > Topic: Host access via VPN to non-gateway SSG

Pages: [1]

« previous next »

Author

Topic: Host access via VPN to non-gateway SSG (Read 184 times)

djonas

Newbie

Posts: 1

Host access via VPN to non-gateway SSG

« on: March 11, 2010, 06:56:57 PM »

We have a network to which we've recently added an ssg5 for roadwarrior-style vpn access. This network currently uses a load balancer for its gateway. We got the ssg5 up and running but access to the hosts behind it requires a route on each for the vpn'd hosts. Is there any way around this? The way it works makes sense of course, but could the ssg5 be used as a bridge so that vpn'd hosts appear on the same network? Could vpn'd hosts be nat'd by the ssg5?

To summarize:

Home/192.168.30.100 <--inet conn 1--> ssg5 --- [bunch of hosts/10.1.1.0] --- load balancer <--inet conn 2--> ...

Hosts on the 10.1.1.0 net seem to need a route to 192.168.30.0 so that Home can access them. How to access all hosts?

Thanks for the help. This is really bugging me and I can't seem to find the answer anywhere. Also, any recommendations on configuration are hereby solicited and appreciated.