Re: [FW-1] Checkpoint to cisco router vpn

Subject:	Re: [FW-1] Checkpoint to cisco router vpn
From:	Ted Serreyn <ted AT SERREYN DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 4 Jun 2004 22:08:12 -0500

Use gui-dbedit to change ike_use_largest_possible_subnets to FALSE.  It is
TRUE by default.  I make sure to point it out when I teach, but many
checkpoint instructors don't.

--
Ted Serreyn              Phone:262-432-0260 Fax:262-432-0232
Serreyn Network Services, LLC        http://www.serreyn.com/


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Stanley
Lesniak
Sent: Friday, June 04, 2004 7:24 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Checkpoint to cisco router vpn

I am trying to set up a site-to-site vpn with a cisco router and a
checkpoint ng r54 firewall and i am having a couple of issues, like one when
the key exchange is taking place the checkpoint side is sending the wrong
subnet mask for the encryption domain, which is 10.0.0.0 255.255.0.0, but
the cisco side sees it as 10.0.0.0 255.252.0.0, can someone tell me why this
is happening or how to fix this?

_________________________________________________________________
Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage!
http://join.msn.click-url.com/go/onm00200362ave/direct/01/

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Checkpoint to cisco router vpn, Stanley Lesniak Re: [FW-1] Checkpoint to cisco router vpn, Ted Serreyn <= Re: [FW-1] Checkpoint to cisco router vpn, Stanley Lesniak Re: [FW-1] Checkpoint to cisco router vpn, Shoney Joy

Previous by Date:	[FW-1] Checkpoint to cisco router vpn, Stanley Lesniak
Next by Date:	Re: [FW-1] Unexplainable drops, CP versions, etc, Ted Serreyn
Previous by Thread:	[FW-1] Checkpoint to cisco router vpn, Stanley Lesniak
Next by Thread:	Re: [FW-1] Checkpoint to cisco router vpn, Stanley Lesniak
Indexes:	[Date] [Thread] [Top] [All Lists]