Firewall Wizards mailing list archives
RE: Netscreen compatibility
From: "Melson, Paul" <PMelson () sequoianet com>
Date: Thu, 26 Aug 2004 09:51:52 -0400
Yes, the new versions of ScreenOS are backward compatible to most of the older versions as far as site-to-site IPSec VPN tunnels go. There are definite client compatibility issues. Newer NetScreen clients cannot connect to older NetScreen firewalls and so on. (This has less to do with IPSec and more to do with supported client authentication mechanisms.) Additionally, the NetScreen-10 and NetScreen-5XP are both EOL/EOS products. If you've got them running in production environments, you should consider replacing them with something newer. (Especially the NS-10, which has known security flaws that have gone unfixed since it was EOL-ed.) PaulM
-----Original Message----- I wonder if new Netscreen 5GTE are compatible with old Netscreen 10 or 5XP regarding VPN IPSec Tunnel. Apparently, VPN IPSec Tunnel may be different from one construster to another (at last the interpretation of the standard IPSec). It seems that Microsoft IPSec client doesn't work well with Netscreen IPSec. Your opinion ?
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Netscreen compatibility ROUMEGOUX Pierre (Aug 26)
- Re: Netscreen compatibility Peter Bruderer (Aug 27)
- <Possible follow-ups>
- RE: Netscreen compatibility Melson, Paul (Aug 27)
- RE: Netscreen compatibility ROUMEGOUX Pierre (Aug 28)
- RE: Netscreen compatibility Bruce Platt (Aug 28)