Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[FW-1] AW: [FW-1] Nokia IP120 and Check Point Config Questions

from Kunz, T [Permanent Link]
Subject: [FW-1] AW: [FW-1] Nokia IP120 and Check Point Config Questions
From: "Kunz, T" <Thomas.Kunz AT T-SYSTEMS DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Fri, 19 Dec 2003 15:18:48 +0100 
Hi!

All i know about udp-encap ist this(maybe a help):

To configure the UDP Encapsulation Mode for FireWall-1 4.1 SP2 and later 
service packs of FireWall-1 4.1, create a service called 
VPN1_IPSEC_encapsulation if it does not already exist. Create it with port UDP 
2746. Then add the following section to the section with your gateway object to 
objects.C:

:isakmp.udpencapsulation (
        :resource (
                :type (refobj)
                :refname<
                        ("#_VPN1_IPSEC_encapsulation")
        )
        :active (true)
)

Re-install the policy.

In NG, you can configure UDP Encapsulation in the Policy Editor in the IKE 
Properties.


Regards Thomas

-----Ursprungliche Nachricht-----
Von: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]Im Auftrag von
Figaro, Nicolas
Gesendet: Freitag, 19. Dezember 2003 14:50
An: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Betreff: Re: [FW-1] Nokia IP120 and Check Point Config Questions


It looks like the ng fp3 gui doesn't work with
ng fp2 management server, or the default filter is loaded on the nokia.

Try to run a tcpdump on the ip 120 to see if the management traffic
works fine between
IP120 and gui.

Nicolas figaro

-----Original Message-----
From: Al Barnett [mailto:al.barnett AT DATA-FREEWAY.CO DOT UK]
Sent: Friday, December 19, 2003 1:11 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Nokia IP120 and Check Point Config Questions


Hi All,

I have a Nokia IP120 with IPSO 3.6 FCS 3 installed.
It has the following pre-installed
    Check Point VPN-1/Firewall-1 NG Feature Pack 2
    Check Point Policy Server NG Feature Pack 2
    Check Point SVN Foundation Ng Feature Pack 2

I also have a Check Point license for Firewall-1 SmallOffice for 10 IP
but the CD that came with the license is NG Feature Pack 3 Enterprise
Suite.

I would like to run the Nokia as a stand-alone Check Point device and
configure it using a remote GUI client from a Windows XP PC.

I have activated the Check Point software on the Nokia IP120 and I have
used cpconfig to created an administrator's account and enabled the
remote PC's IP address as an accepted GUI client host.

I have also installed the Remote GUI software from the Enterprise Suite
CD.

When I attempt to connect to the Nokia I get a 'Connection cannot be
established. Incompatible version of Server'.

My first question has to be is the above scenario possible? I am new to
the Check Point way of doing things and could easily be trying to do the
impossible.

All suggestions gratefully received ...

Thanx in advance

Al Barnett

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [FW-1] AW: [FW-1] Nokia IP120 and Check Point Config Questions, Kunz, T <=
Previous by Date:  Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Luiz Afonso
Next by Date:  Re: [FW-1] Gateway doesn't support UDP encapsulation ?, Michael Schwartzkopff
Previous by Thread:  [FW-1] Management error, Daniel Secareanu - FSD
Next by Thread:  [FW-1] Check Point Certified Security Priciples Associate (CCSPA), Michael Gaughan
Indexes:  [Date] [Thread] [Top] [All Lists]