• November 24, 2017, 08:01:13 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Juniper SRX 210 to Avaya/Nortel VPN Router 1700  (Read 4647 times)

0 Members and 1 Guest are viewing this topic.

Offline Michael McNamara

  • Administrator
  • Hero Member
  • *****
  • Posts: 3821
    • michaelfmcnamara
    • Michael McNamara
Juniper SRX 210 to Avaya/Nortel VPN Router 1700
« on: March 23, 2010, 12:00:40 AM »
We received a few Juniper SRX 210 routers over the past two weeks and I finally found the time to break one out of the box and set it up. Thankfully myself and another co-worker had attended a day long training class on JUNOS put together by the local Juniper sales team.

After spending a few hours Friday night and a few hours on Sunday night I finally managed to get the IPSec tunnel up this evening between the Juniper SRX 210 (10.1B4) and the Avaya/Nortel VPN Router 1700 (7.50_059). I still need to spend some time getting the DHCP relay working along with multiple IP networks (currently only have a single IP network defined).

You absolutely need "Vendor ID" and "Compression" disabled within the Avaya/Nortel VPN router.

Hopefully I'll be able to document the configuration and post it up to the blog in the next few days.

Cheers!
We've been helping network engineers, system administrators and technology professionals since June 2009.
If you've found this site useful or helpful, please help me spread the word. Link to us in your blog or homepage - Thanks!


Offline Michael McNamara

  • Administrator
  • Hero Member
  • *****
  • Posts: 3821
    • michaelfmcnamara
    • Michael McNamara
Re: Juniper SRX 210 to Avaya/Nortel VPN Router 1700
« Reply #1 on: March 25, 2010, 11:16:54 PM »
I managed to get a policy based VPN tunnel up and working tonight such that I would place an IP call from a Nortel i2007 IP phone. I still haven't figured out how to get the DHCP/BOOTP relay (helper) to work properly. I have the following configuration in place with 1.1.1.40 being the remote DHCP server.


forwarding-options {
    helpers {
        bootp {
            relay-agent-option;
            server 1.1.1.40;
            vpn;
            interface {
                vlan.0;
            }
        }
    }
}


I also came across the new Juniper Site-to-Site Configuration Tool.

Cheers!
We've been helping network engineers, system administrators and technology professionals since June 2009.
If you've found this site useful or helpful, please help me spread the word. Link to us in your blog or homepage - Thanks!