Hello,
I have two sites connected via a 'route-based' VPN. In the first site is a NetScreen 5XP and in the second a NetScreen 25, both running ScreenOS 4.0.
I am configuring both NetScreen devices to utilise a RADIUS server for admin authentication. This works fine if the RADIUS server is connected to the local trusted network.
However, I want either NetScreen device to use the RADIUS server located in the alternate location, if it cannot communicate with its own local RADIUS server.
I have noted that when attempting to communicate with the remote RADIUS server, network traffic is not sent via the VPN, but unencrypted with a source address of the 'untrusted' interface.
Does anybody know how to set up this configuration? I would assume that this also applies to the NetScreen attempting to communicate with DNS, NTP or authentication servers in a remote site.
Thanks in advance.