Hi,
we want to place serveral edge boxes on remote sites.
during test we found a problem: the edge is at adsl line and has dynamic
ip address.
we can establish a tunnel towards the central site without any problem but
we are not able to establish the tunnel from the central site to the
edge box.
the edge box and the central gateway are placed in a star community and use
certificates for the tunnel, the vpn domain for the edge is defined as
the private network behind the box.
in smartview tracker the following message is displayed, if we try to
establish the tunnel (https connect to private ip of the box)
"IKE: Main Mode cannot initiate negotiation with a DAIP object"
edge firmware 5.0.57
central site: vpn1 r55 hfa 08
any tip would be appreciated.
regards,
Alex
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
