home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,348 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 2,079 of 2,348   
   Mousemen to All   
   Re: Netscreen 5xp Setup Help   
   26 Nov 06 23:50:37   
   
   From: mousemen@you.com   
      
   Ok. Everything was setup right from what I could tell. From what I could   
   tell I had to change the bandwidth on the trust interface from 0 to   
   something.I matched the untrust and trust with 1024 and it works.I was able   
   to ping but unable to move traffic thru the web browser, Now I have to get   
   help on the vpn setup.I dont know if this is possible but I would like to   
   setup a group and then just add users as I need or take away.I am   
   essentially trying to learn this and a cisco pix501 to be able to set them   
   up and have multiple sites connected together.   
      
      
   "Doug McIntyre"  wrote in message   
   news:4569c07e$0$41738$892e0abb@auth.newsreader.octanews.com...   
   > "Mousemen"  writes:   
   >>Its down as I took it of the network temporarily until I can get someone   
   >>to   
   >>help me with it. I just pulled up the settings from that to see if I   
   >>messed   
   >>up the trust ip's/. Not sure if I got the manage ip, trust ip and gateway   
   >>correct. When its connected to the cable modem it will pull an ip from   
   >>that.I'll hook up my laptop to it and it will get an ip.I can use the   
   >>webgui   
   >>to get to the management screens buts as far as it will let me get. Can't   
   >>get out to the internet with it. Do I need to setup the bandwidth useage   
   >>(how if so?) or any other policies. I have had it reset to default. I   
   >>connected the terminal cable to it to only pull the settings on the trust   
   >>side incase someone notices something there.   
   >   
   > Okay, there wasn't enough config/status posted in your first message   
   > to determine if something was right or wrong or what the problem was,   
   > other than you were showing the interface as down.   
   >   
   > Otherwise, the bit you posted looked okay.   
   >   
   > First steps to troubleshoot your problem.   
   >   
   > Make sure you can ping outwards from the firewall and get to your   
   > next-hop gateway.   
   >   
   > Make sure that you have a default static route installed.   
   >   
   > Make sure that you have a policy from Trust->Untrust allowing All-All-Any.   
   > (not every network wants this policy, but it is a default policy, and   
   > lets outbound traffic get out).   
   >   
   > If you are doing NAT (IIRC, you were), make sure the default any   
   > outbound policy has the NAT flag checked.   
   >   
   >   
   > You do NOT need to worry about bandwidth setup, or logging or usage at   
   > this point. Your basic setup is to put the IPs on the interfaces,   
   > setup the default route, and check on your policies. The policies and   
   > interfaces are what you need to worry about starting out.   
   >   
   >   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca