Showing results for 
Search instead for 
Did you mean: 

Static Route to NC Tunnel IP

New Contributor

Static Route to NC Tunnel IP


I've been brainstorming with methods to utilize NC. One of those is to stick a LAN behind the NC client. However, I have not found a way to add a static route to the SA.

The WebUI will not allow you to add a static route in the "Internal" zone to an IP that's not part of the subnet.

Does anyone know if there is a way to add a static route via the console?

I'm currently running 6.1R2.

Thanks for the help,

Scott W

Super Contributor

Re: Static Route to NC Tunnel IP

Scott -

It seems like you are trying to do what so many of us are trying to avoid - to allow "unsecured" PCs on the same LAN as the NC client machine to be able to access the "secure" network. I can't believe that there would be any way to do that.

It might be possible to allow multiple users to log on to the NC client machine as RDP clients if you are allowing split tunneling to the local LAN. If you try this, let the community know the results. It might please some of us, and it might scare the **** out of some of us.


New Contributor

Re: Static Route to NC Tunnel IP

Yeah, point understood. That's the general consensus I've received from a few of the Juniper folks I know is the SA is not designed for this function.

Allowing mutliple Windows machines to connect across a shared NC connection would indeed be pretty scary. But there are other applications where this could be useful. For example, using the Linux NC RPM on a small form factor box could lead to a cheap CPE solution for end users. It's more secure than PPTP and less obtrusive than IPSec.

Again, just exploring the possiblities. Thanks for the input!