Re: [FW-1] Site to Site VPN

[Russell Aspinwall [Permanent Link]]

The NG-AI logs indicate client negotiation.
The Edge reports client negotiation <phase1 stage5>.

I upgraded to HFA-09 but the problem persists

lancr wrote:
> Russell,
>   You do not need a newer firmware.  Do you have any further log info from
> the negotiation cycle?
>
> You will want to validate the settings on the remote gateway (edge device)
> to see if NAT is in use, and if so, verify that you are expecting to
> establish SA with the external ip of the edge.  I've not seen many problems
> with this config.
>
> Cryptotech
>
> ----- Original Message -----
> From: "Russell Aspinwall" <russell.aspinwall AT FLOMERICS.CO DOT UK>
> To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> Sent: Tuesday, September 28, 2004 6:01 AM
> Subject: [FW-1] Site to Site VPN
>
>
>
> > I am trying to establish a VPN between an Edge unit running firmware
> v.4.5.44x and ng-ai R55 hfa-07.
>
> > The edge is configured as Interoperable Device, using the same
> instructions I used before but I can
>
> > not establish a VPN. I get as far as a Key Exchange.
> >
> > Do I need to run a later HFA to fix this?
> > --
> > Regards
> >
> > Russell
> >
> > Email: russell dot aspinwall at flomerics dot co dot uk
> > Network and Systems Administrator           Flomerics Ltd
> > Telephone: 020-8941-8810 x3116              81 Bridge Road
> > Facsimile: 020-8941-8730                    Hampton Court
> >                                             Surrey, KT8 9HH
> >                                             United Kingdom
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================

--
Regards

Russell

Email: russell dot aspinwall at flomerics dot co dot uk
Network and Systems Administrator           Flomerics Ltd
Telephone: 020-8941-8810 x3116              81 Bridge Road
Facsimile: 020-8941-8730                    Hampton Court
                                            Surrey, KT8 9HH
                                            United Kingdom

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================