I need your advice for a matter. I work for an IT solutions provider. My company provides customers with Juniper Netscreen 5GT firewalls. I have a customer who has a site-to-site VPN setup on the Juniper in his premise to the Juniper in another office. The VPN sessions work fine with no issues. The only problem is when he uses an application known as Fortinet VPN client to VPN to a remote server in another location. Somehow the Juniper seems to block the application from connecting as when he by-passes the Juniper and connects directly to the modem/router, he is able to use the application. The application requires the opening of ports 500, 4500 and 8990. I have enabled the VIP service on the Juniper as well as created a policy to allow access to the remote server but the issue still remains. Going through the firewall is a no-no but by-passing it doesn't cause problems. All advices on the matter are most appreciated.