Hello out there,
I´m trying to setup a VPN from my Nokia running NG FP3 HF2 to Astaro ASL
v4. When I open a connection to the Astaro-box, the log-viewer shows one
entry
with "IKE Main mode is completed", but the the response from the Astaro-box
is
"IKE: Quick Mode Received Notification from Peer: invalid id information",
next log-entry says "IKE: Quick Mode Received Notfification: invalid
message
id".
I´ve checked out the Checkpoint document about free s/wan, but it´s still
not working.
It´s a one-way tunnel, from users behind the Checkpoint to a server behind
the Astaro-box. What bothers me is that the guy running the Astaro is doing
NAT on the external IP-Address, we´re using the external IP-Address to
access
the server - who´s really located in their internal LAN. It this a problem
?
any ideas ?
this is the log-message from the Astro-box:
> May 22 14:41:35 (none) pluto[30103]: | peer client is myexternalfwip/32
> May 22 14:41:35 (none) pluto[30103]: | our client is astarofwip/32
> May 22 14:41:35 (none) pluto[30103]: "testconnection_1" #16: cannot
> respond to IPsec SA request because no connection is known for
> astarofwip...myexternalfwip===myinternal_destinationip/32
> May 22 14:41:35 (none) pluto[30103]: "testconnection_1" #16: sending
> encrypted notification INVALID_ID_INFORMATION to myexternalfwip:500
thanks,
Stefan
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
