Re: [FW-1] Gateway doesn't support UDP encapsulation ?

Subject:	Re: [FW-1] Gateway doesn't support UDP encapsulation ?
From:	Jon Allingham <jallingham AT LEAPSTONE DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 19 Dec 2003 08:12:23 -0500

It works fine in my configuration. Did you push the policy to the
firewall after checking the button to enable UDP encapsulation? I don't
recall if that is an item requiring a cpstop/cpstart to enable.

--
Jon Allingham
Director, IVT
Leapstone Systems


-----Original Message-----
From: Luiz Afonso [mailto:luiz_ma AT YAHOO DOT COM]
Sent: Friday, December 19, 2003 7:43 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Gateway doesn't support UDP encapsulation ?

Hi,

I'm trying to connect to a VPN-1 NG AI R55 gateway
using SecuRemote R55 client with "Force UDP
Encapsulation" and "IKE over TCP" Enabled,
to overcome NAT issues.

I double checked all the configuration items,
including "NAT Traversal" support in Gateway/Remote
Access, which is enabled.

When I try to connect, IKE main mode completes
successfully, but then the following message shows up
in log:
"Reason: Client Encryption: 'Force UDP Encapsulation'
selected on user's profile, but gateway doesn't
support UDP Encapsulation."

Any ideas ?

Thanks,
Luiz


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Michael Schwartzkopff Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Michael Schwartzkopff Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Chontzopoulos Dimitris [FW-1] Renewals, Edwin Davidson Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Jon Allingham <= Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso

Previous by Date:	[FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso
Next by Date:	Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Michael Schwartzkopff
Previous by Thread:	[FW-1] Renewals, Edwin Davidson
Next by Thread:	Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso
Indexes:	[Date] [Thread] [Top] [All Lists]