RE: VPN newbie needs some help

[Joe Vasquez]

John,   Not enough information but I suspect you may be trying to do this in Transparent mode. This will need some routes added in. Otherwise I am not sure how you could be doing this with NAT or Route mode?   If you want an easy setup for proof of concept: put a PC behind each Netscreen 5xp. Set the Netcreens in NAT mode with different 10.0.0.x subnets on each trusted side. Set the untrusted sides with a 192.168.x.x number.  Make sure the PC's can ping the rest of the 192 network. Do the test VPN with Autokey and it should not be too  difficult to work.  I usually can get my customers up and more or less self sufficient in about 30 minutes.   Joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Trader's Paradise Sent: Thursday, April 25, 2002 8:15 AM To: [EMAIL PROTECTED] Subject: VPN newbie needs some help I've got a pair of NetScreen 5xp boxes that I am trying to setup as a proof of concept experiment.  Right now I can only "play" with them on my local network behind my fireway (192.168.x.x).  I am following the examples given in Chapter 7 of the Concepts & Examples file on the NetScreen documentation CD.  For some reason I can not establish the VPN connection.  Is it because the untrusted networks are from the same class C address space?  I know routers won't route on the same subnet but will the VPN not connect on the same subnet?   Understand I'm not new to networking (been admining LANs for about 9 years now) this is just the first time I've had to deal with VPNs.   TIA,   John Guynn System Administrator [EMAIL PROTECTED] www.tradersparadise.com