The problem I was having was as follows: 3 Juniper devices in a hub-and-spoke topology, 1 HQ and 2 Branch. The 2 Branch firewalls were actually just basically identical configs in one branch on separate DSL lines. What was required was changing the IP of the firewall and getting the VPN up and running to allow the branch access. The problem I was having was that the tunnel was inactive and needed to re-initiate.


Once the peer gateway IP addresses had been amended as required, the next option required was as follows:

Via the WebUI:

Go to VPN > AutoKey IKE > Edit

Select the VPN monitor and Rekey option on the firewall:

Via the CLI:

set vpn <vpn name/ Phase2 Name> monitor <optimized> rekey

Optimized is optional.
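
To find tunnels that are missing this setting after a change like the one above, a saved config can be checked offline. This is an added example, not part of the original post: the sample config and VPN names are constructed, and the script assumes the config stores the setting as `set vpn "<name>" monitor ... rekey` lines matching the CLI command shown.

```python
import shlex

# Constructed sample in the style of a ScreenOS saved config (all names made up).
SAMPLE_CONFIG = '''
set ike gateway "Branch1-GW" address 198.51.100.10 Main outgoing-interface "ethernet0/0" preshare "REDACTED" sec-level standard
set vpn "Branch1-VPN" gateway "Branch1-GW" no-replay tunnel idletime 0 sec-level standard
set vpn "Branch1-VPN" monitor optimized rekey
set vpn "Branch2-VPN" gateway "Branch2-GW" no-replay tunnel idletime 0 sec-level standard
set vpn "Branch2-VPN" monitor
set vpn "Lab-VPN" gateway "Lab-GW" no-replay tunnel idletime 0 sec-level standard
'''


def audit_vpn_rekey(config_text):
    """Map each VPN name to 'ok', 'monitor-no-rekey' or 'no-monitor'."""
    status = {}
    for line in config_text.splitlines():
        try:
            tokens = shlex.split(line)  # handles the quoted object names
        except ValueError:
            continue  # skip lines with unbalanced quotes
        if len(tokens) < 4 or tokens[:2] != ["set", "vpn"]:
            continue
        name, keyword, rest = tokens[2], tokens[3], tokens[4:]
        # Any "set vpn" line registers the tunnel; default is no monitoring.
        status.setdefault(name, "no-monitor")
        if keyword == "monitor":
            status[name] = "ok" if "rekey" in rest else "monitor-no-rekey"
    return status


def tunnels_without_rekey(config_text):
    """Sorted names of VPNs that will not re-initiate on their own."""
    return sorted(n for n, s in audit_vpn_rekey(config_text).items() if s != "ok")


if __name__ == "__main__":
    for name, state in audit_vpn_rekey(SAMPLE_CONFIG).items():
        print(f"{name}: {state}")
```
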

Source Doc:

Juniper Netscreen Site-to-Site VPN Rekey