Re: [FW-1] VPN-1 Edge X Setup

Subject:	Re: [FW-1] VPN-1 Edge X Setup
From:	"Stephen W. Stewart" <stewart.sw AT TKDA DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 23 Feb 2005 14:35:44 -0600

I have a site to site tunnel.  Something very basic but over looked --
in the VPN Network Configuration I used the wrong destination network
address.  Should have been the internal network and I was pointing to
the external address.  Changed that and I am a happy camper.  I did get
help as well from Checkpoint with issue and they were the ones who
pointed out the error of my ways.

Thanks for all the help you sent my way.



Stephen W. Stewart

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Ray
Sent: Tuesday, February 22, 2005 7:53 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] VPN-1 Edge X Setup

You might have to bite the bullet and go to a later HFA on your boxes.
You're running HFA04 which has several known issues with Edge boxes, not
to mention the ASN.1 issue.

Ray

>From: "Stephen W. Stewart" <stewart.sw AT TKDA DOT COM>
>Reply-To: Mailing list for discussion of Firewall-1
><FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>Subject: Re: [FW-1] VPN-1 Edge X Setup
>Date: Tue, 22 Feb 2005 14:34:08 -0600
>
>I have been able to establish a one way tunnel to the Edge, I can ping,

>I can VNC but I can't go the other way back to the main office.  I did
>make a new VPN Community and the date and time are correct.
>
>Steve
>
>
>Stephen W. Stewart
>
>-----Original Message-----
>From: Mailing list for discussion of Firewall-1
>[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Chris
>H
>Sent: Monday, February 21, 2005 12:31 PM
>To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
>Subject: Re: [FW-1] VPN-1 Edge X Setup
>
>Were you able to get this working?  We had the same problem.  We have
>been able to correct this by creating a new VPN community and putting
>the Edge units in a new VPN community.  Also ensure that the time and
>date are correct.
>
>Chris
>--- "Stephen W. Stewart" <stewart.sw AT TKDA DOT COM> wrote:
>
> > The DNS is set on the Edge, both my network DNS server and also the
> > DNS server of the ISP.
> >
> >
> >
> > Stephen W. Stewart
> > -----Original Message-----
> > From: Mailing list for discussion of Firewall-1
> > [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]
> > On Behalf Of Russell
> > Aspinwall
> > Sent: Friday, February 18, 2005 1:21 AM
> > To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> > Subject: Re: [FW-1] VPN-1 Edge X Setup
> >
> > Hi,
> >
> > Is there a chance of having a Dynamci DNS server incorporated with
> > the
>
> > DHCP server on the Edge units, so that on the LAN interface you can
> > set the DNS name when you enable DHCP. Or is it already there?
> >
> >
> > Ray wrote:
> > > Check out 5.0.50. It fixed a bunch of VPN problems
> > in 5.0.43 including
> >
> > > a memory leak that made me have to reboot mine
> > every few days.
> > >
> > > Ray
> > >
> > >> From: Russell Aspinwall
> > <russell.aspinwall AT FLOMERICS.CO DOT UK>
> > >> Reply-To: Mailing list for discussion of
> > Firewall-1
> > >> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> > >> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> > >> Subject: Re: [FW-1] VPN-1 Edge X Setup
> > >> Date: Wed, 16 Feb 2005 14:15:15 +0000
> > >>
> > >> Hi,
> > >>
> > >> I have used a variety of firmware versions on the
> > Edge and found
> > >> v5.0.43x a vast improvement since v4.0.93x and
> > many in between. Site
> > >> to Site VPNs offer a significantly better level
> > of performance and
> > >> reliability, primarily NGAI R55 to Edge, Edge to
> > Edge VPNs have not
> > >> been a problem.
> > >>
> > >> Stephen W. Stewart wrote:
> > >>
> > >>> Hi All,
> > >>>
> > >>> Trying to set up an Edge X box for a remote
> > office in Site to Site
> > mode.
> > >>> I currently have 2 other sites that are working
> > just fine.  The only
> >
> > >>> difference with the new X is that it will have a
> > static IP and the
> > >>> two that are working are using DHCP.
> > >>>
> > >>> I can create the site and then look in the
> > reports section at the
> > >>> VPN Tunnels section and nothing shows up.  If I
> > ping the internal IP
> >
> > >>> of the X box a tunnel is established and the X
> > box replies.  I
> > >>> cannot ping the other way into the "home"
> > network behind the FW-1.
> > >>>
> > >>> The established tunnel shows IKE (Phase 1):
> > 3DES/SHA1.
> > >>>
> > >>> Any ideas?
> > >>>
> > >>> Thanks
> > >>>
> > >>>
> > >>> Stephen W. Stewart
> > >>>
> > >>>
> > =================================================
> > >>> To set vacation, Out-Of-Office, or away
> > messages, send an email to
> > >>> LISTSERV AT amadeus.us.checkpoint DOT com
> > >>> in the BODY of the email add:
> > >>> set fw-1-mailinglist nomail
> > >>>
> > =================================================
> > >>> To unsubscribe from this mailing list, please
> > see the instructions
> > >>> at
> > http://www.checkpoint.com/services/mailing.html
> > >>>
> > =================================================
> > >>> If you have any questions on how to change your
> > subscription
> > >>> options, email fw-1-owner AT ts.checkpoint DOT com
> > >>>
> > =================================================
> > >>>
> > >>
> > >>
> > >> --
> > >> Regards
> > >>
> > >> Russell
> > >>
> > >> =================================================
> > >> To set vacation, Out-Of-Office, or away messages,
> > send an email to
> > >> LISTSERV AT amadeus.us.checkpoint DOT com
> > >> in the BODY of the email add:
> > >> set fw-1-mailinglist nomail
> > >> =================================================
> > >> To unsubscribe from this mailing list, please see
> > the instructions at
> >
> > >> http://www.checkpoint.com/services/mailing.html
> > >> =================================================
> > >> If you have any questions on how to change your
> > subscription options,
> >
> > >> email fw-1-owner AT ts.checkpoint DOT com
> > >> =================================================
> > >
> > >
> > > =================================================
> > > To set vacation, Out-Of-Office, or away messages, send an email to
> > LISTSERV AT amadeus.us.checkpoint DOT com
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list, please see the instructions

> > > at http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your subscription
> > > options, email fw-1-owner AT ts.checkpoint DOT com
> > > =================================================
> > >
> >
> >
> > --
> > Regards
> >
> > Russell
> >
> > Email: russell dot aspinwall at flomerics dot co dot uk Network and
> > Systems Administrator Flomerics Ltd
> > Telephone: 020-8941-8810 x3116              81
> > Bridge Road
> > Facsimile: 020-8941-8730                    Hampton
> > Court
> >                                              Surrey,
> > KT8 9HH
> >                                              United Kingdom
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages, send an email to
> > LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list, please see the instructions
> > at http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your subscription
> > options, email fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages, send an email to
> > LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list, please see the instructions
> > at http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your subscription
> > options, email fw-1-owner AT ts.checkpoint DOT com
> >
>=== message truncated ===
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Read only the mail you want - Yahoo! Mail SpamGuard.
>http://promotions.yahoo.com/new_mail
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send an email to
>LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your subscription options,
>email fw-1-owner AT ts.checkpoint DOT com
>=================================================
>
>=================================================
>To set vacation, Out-Of-Office, or away messages, send an email to
>LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your subscription options,
>email fw-1-owner AT ts.checkpoint DOT com
>=================================================

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [FW-1] VPN-1 Edge X Setup, (continued) Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Motta Corrado Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Chris H Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart Re: [FW-1] VPN-1 Edge X Setup, Ray Re: [FW-1] VPN-1 Edge X Setup, Stephen W. Stewart <=

Previous by Date:	Re: [FW-1] IP440 Equivalent Replacement?, Reinhard Stich
Next by Date:	Re: [FW-1] Securemote Problems, Stala
Previous by Thread:	Re: [FW-1] VPN-1 Edge X Setup, Ray
Next by Thread:	[FW-1] VPN Tunnels on multiple interfaces, Rafa Pellicer
Indexes:	[Date] [Thread] [Top] [All Lists]