NetScreen
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [nn] Monitoring of Juniper to Cisco VPN

from [Troy Coulombe] [Permanent Link][Original]
To: "tami" <deadboy@tox.mine.nu>
Subject: Re: [nn] Monitoring of Juniper to Cisco VPN
From: "Troy Coulombe" <TCoulombe@telecomsys.com>
Date: Sun, 28 Jan 2007 11:35:19 -0800
Cc: nn@qorbit.net
Delivered-to: sp-com-lists@consult.net
Delivered-to: ns-list2@consult.net
Delivered-to: nn@qorbit.net
In-reply-to: <20070127.122937.670304231.deadboy@tox.mine.nu>
List-archive: <http://www.qorbit.net/nn>
List-help: <mailto:nn-request@qorbit.net?subject=help>
List-id: "Netscreen mailing list for netscreen admins." <nn.qorbit.net>
List-post: <mailto:nn@qorbit.net>
List-subscribe: <http://qorbit.net/mailman/listinfo/nn>, <mailto:nn-request@qorbit.net?subject=subscribe>
List-unsubscribe: <http://qorbit.net/mailman/listinfo/nn>, <mailto:nn-request@qorbit.net?subject=unsubscribe>
References: <8C837214C95C864C9F34F3635C2A657503FF6D9C@SEA-EXCHVS-2.telecomsys.com><OF8EE6A9C0.3952AD92-ON8525726F.006B63F4-8525726F.006BCD38@csc.com><8C837214C95C864C9F34F3635C2A657503FF6D9D@SEA-EXCHVS-2.telecomsys.com> <20070127.122937.670304231.deadboy@tox.mine.nu>
Sender: nn-bounces@qorbit.net
Thread-index: AcdBw2weltIY807ZTImw72tvdKmvVABT/JFw
Thread-topic: [nn] Monitoring of Juniper to Cisco VPN 
Hmmm, very interesting, I'll give it a shot on Monday morn... many
thanks...


--
TroyC
c: 425.299.8305
d: 206.792.2356

-----Original Message-----
From: tami [mailto:deadboy@tox.mine.nu] 
Sent: Friday, January 26, 2007 7:30 PM
To: Troy Coulombe
Cc: jloiacon@csc.com; nn@qorbit.net
Subject: Re: [nn] Monitoring of Juniper to Cisco VPN

Hi, just in case... 
<http://seclists.org/firewall-wizards/2002/Nov/0183.html>

I had to set these source-int and destination-ip when doing Juniper to
Cisco and Juniper to racoon.  -tami



From: "Troy Coulombe" <TCoulombe@telecomsys.com>
Subject: Re: [nn] Monitoring of Juniper to Cisco VPN
Date: Fri, 26 Jan 2007 13:05:32 -0800
Message-ID:
<8C837214C95C864C9F34F3635C2A657503FF6D9D@SEA-EXCHVS-2.telecomsys.com>

TCoulombe> Yea, unfortunately, that's only an option from a Juniper to
Juniper [and
TCoulombe> works perfectly for J to J].  In fact, Juniper to Cisco, if
you have
TCoulombe> this option enabled, the VPN will not come up [had opened a
JTAC case to
TCoulombe> find this out the hard way]
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe> -- 
TCoulombe> TroyC 
TCoulombe> c: 425.299.8305 
TCoulombe> d: 206.792.2356 
TCoulombe> 
TCoulombe> ________________________________
TCoulombe> 
TCoulombe> From: Joe Loiacono [mailto:jloiacon@csc.com] 
TCoulombe> Sent: Friday, January 26, 2007 11:37 AM
TCoulombe> To: Troy Coulombe
TCoulombe> Cc: nn@qorbit.net; nn-bounces@qorbit.net
TCoulombe> Subject: Re: [nn] Monitoring of Juniper to Cisco VPN
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe> 
TCoulombe> There is a capability called 'vpnmonitor' (e.g., get vpn
shows a
TCoulombe> 'monitor' option.) Maybe if you turn this on, it will keep
something in
TCoulombe> the MIB. 
TCoulombe> 
TCoulombe> Joe
TCoulombe> 
TCoulombe> 
TCoulombe> 
TCoulombe> 
TCoulombe> "Troy Coulombe" <TCoulombe@telecomsys.com> 
TCoulombe> Sent by: nn-bounces@qorbit.net 
TCoulombe> 
TCoulombe> 01/26/2007 02:03 PM 
TCoulombe> 
TCoulombe> To
TCoulombe> 
TCoulombe> <nn@qorbit.net> 
TCoulombe> 
TCoulombe> cc
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe> Subject
TCoulombe> 
TCoulombe> [nn] Monitoring of Juniper to Cisco VPN
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe>  
TCoulombe> 
TCoulombe> 
TCoulombe> 
TCoulombe> 
TCoulombe> Trying to find the MIB [or _a method_ ] to know when a
Juniper [local]
TCoulombe> to Cisco [remote] VPN is up or down. 
TCoulombe> 
TCoulombe> Using a MIB walker, we can't find anything that will tell us
when the
TCoulombe> VPN is up/down... looking for the IKE state I guess... 
TCoulombe> 
TCoulombe> We have the VPN tied to a tunnel interface, however the
tunnel interface
TCoulombe> being virtual, is always up. 
TCoulombe> 
TCoulombe> Thoughts?  Thanks. 
TCoulombe> 
TCoulombe> -- 
TCoulombe> 
TCoulombe> TroyC 
TCoulombe> 
TCoulombe> C: 425.299.8305 
TCoulombe> 
TCoulombe> D: 206.792.2356 
TCoulombe> 
TCoulombe>   
TCoulombe> 
TCoulombe> The information contained in this message may be privileged
and/or
TCoulombe> confidential. If you are not the intended recipient, or
responsible for
TCoulombe> delivering this message to the intended recipient, any
review,
TCoulombe> forwarding, dissemination, distribution or copying of this
communication
TCoulombe> or any attachment(s) is strictly prohibited. If you have
received this
TCoulombe> message in error, please so notify the sender immediately,
and delete it
TCoulombe> and all attachments from your computer and network. 
TCoulombe> 
TCoulombe>  _______________________________________________
TCoulombe> nn mailing list
TCoulombe> nn@qorbit.net
TCoulombe> http://qorbit.net/mailman/listinfo/nn
TCoulombe> 


The information contained in this message may be privileged and/or 
confidential. If you are not the intended recipient, or responsible for 
delivering this message to the intended recipient, any review, forwarding, 
dissemination, distribution or copying of this communication or any 
attachment(s) is strictly prohibited. If you have received this message in 
error, please so notify the sender immediately, and delete it and all 
attachments from your computer and network.

_______________________________________________
nn mailing list
nn@qorbit.net
http://qorbit.net/mailman/listinfo/nn
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [nn] Netscreen Remote Client and Windows Login, GIULIANO (GMAIL)
Next by Date:  [nn] What is best report tool?, awawa
Previous by Thread:  Re: [nn] Monitoring of Juniper to Cisco VPN, tami
Next by Thread:  [nn] Netscreen Remote Client and Windows Login, GIULIANO (GMAIL)
Indexes:  [Date] [Thread] [Top] [All Lists]