I've got an issue with a site-to-site VPN between a few NetScreens. Imagine a corporate site with a few branches. At the corporate site, there is a NetScreen 50, with site-to-site VPNs to all the branches, which also have NetScreens.
Every branch is set up nearly identically, but for some reason, two of the 4 branches are experiencing difficulty passing traffic. I can ping with no issue back and forth, and can telnet on every single port, such as 23, 25, 110, 137, etc.
But, at these two branches, I have problems getting Exchange to work with Outlook clients at the branches and the Exchange server at the corporate office. Sometimes it works really slowly, or sometimes not at all. Even using the web interface for Exchange, it dies. They also have issues running some of their web-based applications that run back to the corporate office. But, I can transfer files back and forth.
However, if I bypass the site-to-site VPNs and just use the Microsoft PPTP client, forward ports on the VPN, and have the remote branches connect to the outside IP of the NetScreen, all is working fine.
Keep in mind, the other two branches see no issues at all. These are using faster connections, I believe. The branches that are having issues are using DSLs through local telcoms.
I dunno, sometimes I just wanna smash the entire setups of NetScreens and just use a bunch of Untangle boxes. Easier to program and use.