cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
255
Views
0
Helpful
3
Replies
e.l
Beginner
Beginner

Netscreen-VPN3000 certificate-base VPN interoperability

Dear All,

Does anyone success to configure certificate-base VPN between NetScreen and VPN3000 ? We got the IKE (Phase1) established but no Phase2 session. Seems like there is an issue with the cert (we are using Entrust to generate cerficates). Would be very appreciate for any help

Best Regards,

1 ACCEPTED SOLUTION

Accepted Solutions
jfrahim
Contributor

Hi there,

Cert checking/validation is a part of IKE phase 1. If you are passing phase1, then cert should not be an issue

You should enable IKE, IKEDBG,IPSEC

Jazib

View solution in original post

3 REPLIES 3
jfrahim
Contributor

Hi there,

Cert checking/validation is a part of IKE phase 1. If you are passing phase1, then cert should not be an issue

You should enable IKE, IKEDBG,IPSEC

Jazib

View solution in original post

Thanks, we are able to pinpoint the problem. It was something wrong with the cert. After we create a new cert and import it to both devices, they can negotiate the VPN without problem. The configuration is very simple, just a plain certificate-base VPN LAN2LAN.

Best Regards,

Engelhard

Hi, I'm also having similar problems. Can you please send me the details of how you did the config.

Thanks,

Naveen

Content for Community-Ad