Re: [FW-1] VPN-1 Edge X Setup

Subject:	Re: [FW-1] VPN-1 Edge X Setup
From:	"Stephen W. Stewart" <stewart.sw AT TKDA DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 16 Feb 2005 14:32:28 -0600

Another piece of the puzzle to think about.

When trying to connect to a Service Center my FW-1 log shows the
following message:

message_info: Implied rule encryption failure: Different community ID,
possible NAT problem (VPN Error code 02)

Steve


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Ray
Sent: Wednesday, February 16, 2005 10:12 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] VPN-1 Edge X Setup

Check out 5.0.50. It fixed a bunch of VPN problems in 5.0.43 including a
memory leak that made me have to reboot mine every few days.

Ray

>From: Russell Aspinwall <russell.aspinwall AT FLOMERICS.CO DOT UK>
>Reply-To: Mailing list for discussion of Firewall-1
><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>Subject: Re: [FW-1] VPN-1 Edge X Setup
>Date: Wed, 16 Feb 2005 14:15:15 +0000
>
>Hi,
>
>I have used a variety of firmware versions on the Edge and found
>v5.0.43x a vast improvement since v4.0.93x and many in between. Site to

>Site VPNs offer a significantly better level of performance and
>reliability, primarily NGAI R55 to Edge, Edge to Edge VPNs have not
>been a problem.
>
>Stephen W. Stewart wrote:
>>Hi All,
>>
>>Trying to set up an Edge X box for a remote office in Site to Site
mode.
>>I currently have 2 other sites that are working just fine.  The only
>>difference with the new X is that it will have a static IP and the two

>>that are working are using DHCP.
>>
>>I can create the site and then look in the reports section at the VPN
>>Tunnels section and nothing shows up.  If I ping the internal IP of
>>the X box a tunnel is established and the X box replies.  I cannot
>>ping the other way into the "home" network behind the FW-1.
>>
>>The established tunnel shows IKE (Phase 1): 3DES/SHA1.
>>
>>Any ideas?
>>
>>Thanks
>>
>>
>>Stephen W. Stewart
>>
>>=================================================
>>To set vacation, Out-Of-Office, or away messages, send an email to
>>LISTSERV AT amadeus.us.checkpoint DOT com
>>in the BODY of the email add:
>>set fw-1-mailinglist nomail
>>=================================================
>>To unsubscribe from this mailing list, please see the instructions at
>>http://www.checkpoint.com/services/mailing.html
>>=================================================
>>If you have any questions on how to change your subscription options,
>>email fw-1-owner AT ts.checkpoint DOT com
>>=================================================
>>
>
>
>--
>Regards
>
>Russell
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send an email to
>LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your subscription options,
>email fw-1-owner AT ts.checkpoint DOT com
>=================================================

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Jake Hildreth Re: [FW-1] VPN-1 Edge X Setup, Ray [FW-1] VPN-1 x Cisco Router Rules, Marcus Vinicius de Oliveira Azevedo Re: [FW-1] VPN-1 Edge X Setup, Russell Aspinwall Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Russell Aspinwall [FW-1] viewing rule base offline for fp3, Robert Fowler Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart <= Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Motta Corrado Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Chris H Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart

Previous by Date:	Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart
Next by Date:	Re: [FW-1] Nokia Routing, Reinhard Stich
Previous by Thread:	Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart
Next by Thread:	Re: [FW-1] VPN-1 Edge X Setup, Ray
Indexes:	[Date] [Thread] [Top] [All Lists]