Re: [swinog] Juniper VPN to a dyndns site
Not a good time to trust DNS servers ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh Geisser Sent: vendredi, 25. juillet 2008 13:41 To: [EMAIL PROTECTED] Subject: [swinog] Juniper VPN to a dyndns site Hi Swinog I've noticed that quite a few Firewalls don't support VPN to a DNS name as peer, so you'll have to enter the remote IP , and better having a fixed IP on the remote site :) Does anyone know whether it's possible to enter a dyndns record as remote side on a Juniper Firewall? Cheers Josh ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Juniper VPN to a dyndns site
Ah cool thx a lot. It's a shame that pfSense can't cope with dns peers yet. I've noticed the 'remote init' setting on a Astaro as well, but never tried it. So with this you can create a tunnel without a remote preer? Having remote network, PSK/cert and the crypt params right and that's it? Cheers Josh -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Michele Capobianco Gesendet: Freitag, 25. Juli 2008 14:43 An: '[EMAIL PROTECTED]' Betreff: Re: [swinog] Juniper VPN to a dyndns site Hey Josh Yes, its possible to use a dyndns name. Or its even better, you can configure the Remote Firewall to initalise the tunnel. So the local site does not even need to know the adress of the remote site. We use Juniper sience ages with such tunnels. Regards Michele -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Josh Geisser Gesendet: Freitag, 25. Juli 2008 13:41 An: [EMAIL PROTECTED] Betreff: [swinog] Juniper VPN to a dyndns site Hi Swinog I've noticed that quite a few Firewalls don't support VPN to a DNS name as peer, so you'll have to enter the remote IP , and better having a fixed IP on the remote site :) Does anyone know whether it's possible to enter a dyndns record as remote side on a Juniper Firewall? Cheers Josh ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ Unsere kostenlose Fachveranstaltung zu den Themen: Prozessmanagement - Qualitätssicherung - Dokumentenmanagement «Sind Ihre Unternehmensprozesse effektiv und trotzdem flexibel organisiert?» - Donnerstag, 11.09.2008, im Hotel Schweizerhof in Luzern oder - Dienstag, 16.09.2008, im Radisson SAS Hotel in St. Gallen Mehr Infos und das Anmeldeformular finden Sie auf: www.online.ch/veranstaltungen ___ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Juniper VPN to a dyndns site
Exact! -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Josh Geisser Gesendet: Freitag, 25. Juli 2008 15:05 An: [EMAIL PROTECTED] Betreff: Re: [swinog] Juniper VPN to a dyndns site Ah cool thx a lot. It's a shame that pfSense can't cope with dns peers yet. I've noticed the 'remote init' setting on a Astaro as well, but never tried it. So with this you can create a tunnel without a remote preer? Having remote network, PSK/cert and the crypt params right and that's it? Cheers Josh -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Michele Capobianco Gesendet: Freitag, 25. Juli 2008 14:43 An: '[EMAIL PROTECTED]' Betreff: Re: [swinog] Juniper VPN to a dyndns site Hey Josh Yes, its possible to use a dyndns name. Or its even better, you can configure the Remote Firewall to initalise the tunnel. So the local site does not even need to know the adress of the remote site. We use Juniper sience ages with such tunnels. Regards Michele -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Josh Geisser Gesendet: Freitag, 25. Juli 2008 13:41 An: [EMAIL PROTECTED] Betreff: [swinog] Juniper VPN to a dyndns site Hi Swinog I've noticed that quite a few Firewalls don't support VPN to a DNS name as peer, so you'll have to enter the remote IP , and better having a fixed IP on the remote site :) Does anyone know whether it's possible to enter a dyndns record as remote side on a Juniper Firewall? Cheers Josh ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ Unsere kostenlose Fachveranstaltung zu den Themen: Prozessmanagement - Qualitätssicherung - Dokumentenmanagement «Sind Ihre Unternehmensprozesse effektiv und trotzdem flexibel organisiert?» - Donnerstag, 11.09.2008, im Hotel Schweizerhof in Luzern oder - Dienstag, 16.09.2008, im Radisson SAS Hotel in St. Gallen Mehr Infos und das Anmeldeformular finden Sie auf: www.online.ch/veranstaltungen ___ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ Unsere kostenlose Fachveranstaltung zu den Themen: Prozessmanagement - Qualitätssicherung - Dokumentenmanagement «Sind Ihre Unternehmensprozesse effektiv und trotzdem flexibel organisiert?» - Donnerstag, 11.09.2008, im Hotel Schweizerhof in Luzern oder - Dienstag, 16.09.2008, im Radisson SAS Hotel in St. Gallen Mehr Infos und das Anmeldeformular finden Sie auf: www.online.ch/veranstaltungen ___ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog