New to the list, so forgive me if I miss some etiquette. I have implemented Shrewsoft on several (10+) networks, and am pretty familiar with Juniper / Netscreen VPN's. I ran into an issue where one of them stopped working. After exhausting configuration options, recreating the VPN's, I still had the same issue. From the firewall I can see the error message:
Rejected an IKE packet on ethernet3 from 63.229.228.145:1933 to 63.253.251.138:500 with cookies 5258772399d01271 and 89bc291a23a99798 because there were no acceptable Phase 1 proposals. The only thing that has changed is the firmware on the router. I recently upgraded to 5.4.0r15.0 (Firewall+VPN) on the Netscreen 25. I didn't beleive this would be the issue, so I upgraded a second Netscreen (5GT) with the same code version, and same thing. Dial-up VPN is broke. Rollback isn't an option as there was a security fix that I needed, but I also need the dial-up VPN. Since Netscreen doesn't support x64 clients I am running out of options. My questions: 1.) Can anyone else confirm that the Netscreen 5.4.0r15.0 broke there dial-up VPN? 2.) Any idea how to reestablish connectivity? 3.) I found the trouble ticket ID: Ticket #3752 (reopened defect) - I would like to note that I have the same issue on Windows 7, x64 even running Head development 2.2.0-alpha-9.
_______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
