Re: [FW-1] Site to site VPN between R55 NG AI

Subject:	Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate
From:	Romulo de Almeida Genú Neto <romulo AT AXIOS.COM DOT BR>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 28 Jul 2004 18:02:07 -0300

Hi,

I still can`t estabilish the VPN, I receive the following
message: "IKE: Quick Mode Received Notification from Peer:
invalid id information". As I also receive "Main mode
completion", what indicates that the IKE Phase 1 is Ok. The
problem is in Phase 2, where I receive the error message.
Sometimes I receive "IKE: Quick Mode completion - IKE IDs:
subnet: 192.168.0.0 (mask= 255.255.255.0) and
host: 192.168.101.2", but I still can`t acess one network from
another, even with the rules defined.

Anybody has a clue of what`s going on??

Regards,

Romulo de Almeida Genú Neto
Analista de Suporte
Axios Tecnologia e Serviços
http://www.axios.com.br
romulo AT axios.com DOT br
+55 41 324-1993
_________________________________________________________________
Central Server, a melhor estrutura da web para hospedar seu site!
http://www.centralserver.com.br



----- Original Message -----
From: "Ray" <sixsigma44 AT HOTMAIL DOT COM>
To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Tuesday, July 27, 2004 10:09 PM
Subject: Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate


> It sure is. We have them set up with WatchGuard Fireboxes. The remotes are
> configured as Interoperable Devices.
>
> Ray
>
> >From: Romulo de Almeida Genú Neto              <romulo AT AXIOS.COM DOT BR>
> >Reply-To: Mailing list for discussion of Firewall-1
> ><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> >To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> >Subject: [FW-1] Site to site VPN between R55 NG AI - FortiGate
> >Date: Tue, 27 Jul 2004 16:36:15 -0300
> >
> >Hi,
> >
> >I have to set up a VPN between a R55 NG AI running on Secure
> >Platform and a FortiGate-50A. The rulebase of the Check Point
> >is in Simplified mode, and I read that this kind of VPN can
> >only be set up if the rulebase is in Traditional mode. Also,
> >the guides provided by Check Point indicate Traditional mode.
> >On top of that, some people say to have achieved configuring
> >VPNs between CPs and other parties appliances using Simplified
> >mode.
> >
> >The question is: is it possible to set up a VPN between Check
> >Point and a third party appliance using Simplified mode or I'll
> >definitely have to migrate the rulebase to Traditional mode
> >(which will be a real thrill)?
> >
> >if it helps, the FortiGate can set up a manual tunnel.
> >
> >Regards,
> >
> >Romulo de Almeida Genú Neto
> >Analista de Suporte
> >Axios Tecnologia e Serviços
> >http://www.axios.com.br
> >romulo AT axios.com DOT br
> >+55 41 324-1993
> >_________________________________________________________________
> >Central Server, a melhor estrutura da web para hospedar seu site!
> >http://www.centralserver.com.br
> >
> >=================================================
> >To set vacation, Out-Of-Office, or away messages,
> >send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> >in the BODY of the email add:
> >set fw-1-mailinglist nomail
> >=================================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >=================================================
> >If you have any questions on how to change your
> >subscription options, email
> >fw-1-owner AT ts.checkpoint DOT com
> >=================================================
>
> _________________________________________________________________
> Overwhelmed by debt? Find out how to ‘Dig Yourself Out of Debt’ from MSN
> Money. http://special.msn.com/money/0407debt.armx
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Site to site VPN between R55 NG AI - FortiGate, Romulo de Almeida Genú Neto Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate, Hiroshi Kubo Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate, Ray Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate, Romulo de Almeida Genú Neto <=

Previous by Date:	Re: [FW-1] Checkpoint R55 and VPN1 Edge, Neil Kemp
Next by Date:	Re: [FW-1] New HFA's posted + a new ASN.1 Alert, Ray
Previous by Thread:	Re: [FW-1] Site to site VPN between R55 NG AI - FortiGate, Ray
Next by Thread:	[FW-1] Securemote DNS, Alaric Turner
Indexes:	[Date] [Thread] [Top] [All Lists]