Re: [FW-1] Site to Site VPN

Subject:	Re: [FW-1] Site to Site VPN
From:	lancr <cryptotech AT GMX DOT DE>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 28 Sep 2004 11:02:48 -0400

Russell,
  You do not need a newer firmware.  Do you have any further log info from
the negotiation cycle?

You will want to validate the settings on the remote gateway (edge device)
to see if NAT is in use, and if so, verify that you are expecting to
establish SA with the external ip of the edge.  I've not seen many problems
with this config.

Cryptotech

----- Original Message -----
From: "Russell Aspinwall" <russell.aspinwall AT FLOMERICS.CO DOT UK>
To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Tuesday, September 28, 2004 6:01 AM
Subject: [FW-1] Site to Site VPN


> I am trying to establish a VPN between an Edge unit running firmware
v.4.5.44x and ng-ai R55 hfa-07.
> The edge is configured as Interoperable Device, using the same
instructions I used before but I can
> not establish a VPN. I get as far as a Key Exchange.
>
> Do I need to run a later HFA to fix this?
> --
> Regards
>
> Russell
>
> Email: russell dot aspinwall at flomerics dot co dot uk
> Network and Systems Administrator           Flomerics Ltd
> Telephone: 020-8941-8810 x3116              81 Bridge Road
> Facsimile: 020-8941-8730                    Hampton Court
>                                              Surrey, KT8 9HH
>                                              United Kingdom
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Site to Site VPN, Russell Aspinwall Re: [FW-1] Site to Site VPN, lancr <= Re: [FW-1] Site to Site VPN, Russell Aspinwall Re: [FW-1] Site to Site VPN, Russell Aspinwall

Previous by Date:	Re: [FW-1] VPN community -> domain? Network?, GoddardM
Next by Date:	[FW-1] IPSO cluster routing problem, Moe Behlim
Previous by Thread:	[FW-1] Site to Site VPN, Russell Aspinwall
Next by Thread:	Re: [FW-1] Site to Site VPN, Russell Aspinwall
Indexes:	[Date] [Thread] [Top] [All Lists]