Re: [FW-1] VPN1 Edge - R55 Site to Site VPN

Subject:	Re: [FW-1] VPN1 Edge - R55 Site to Site VPN
From:	"Brisbine, Geoff" <GeoffBrisbine AT MI-ASSISTANT DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 24 Mar 2005 11:26:25 -0600

It seems like that's the nature of the beast with dynamically assigned
IP addresses.

It doesn't appear that it wants a FQDN in the IP address field in
SmartDashboard or you could use a DynDNS-type service.

Would it be feasible to have a background process running on a server at
the remote location that would simply ping the internal address of the
gateway every X seconds or X minutes to keep the tunnel up?

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of alex
Sent: Thursday, March 24, 2005 9:01 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] VPN1 Edge - R55 Site to Site VPN

Hi,

we want to place serveral edge boxes on remote sites.
during test we found a problem: the edge is at adsl line and has dynamic
ip address.
we can establish a tunnel towards the central site without any problem
but we are not able to establish the tunnel from the central site to the
edge box.
the edge box and the central gateway are placed in a star community and
use certificates for the tunnel, the vpn domain for the edge is defined
as the private network behind the box.
in smartview tracker the following message is displayed, if we try to
establish the tunnel (https connect to private ip of the box)

"IKE: Main Mode cannot initiate negotiation with a DAIP object"

edge firmware 5.0.57
central site: vpn1 r55 hfa 08

any tip would be appreciated.

regards,
Alex

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] VPN1 Edge - R55 Site to Site VPN, alex Re: [FW-1] VPN1 Edge - R55 Site to Site VPN, Brisbine, Geoff <= Re: [FW-1] VPN1 Edge - R55 Site to Site VPN, Ray [FW-1] VPN1 Edge - R55 Site to Site VPN, alex Re: [FW-1] VPN1 Edge - R55 Site to Site VPN, Ray

Previous by Date:	[FW-1] VPN1 Edge - R55 Site to Site VPN, alex
Next by Date:	Re: [FW-1] SSL over FTP, cisco4ng
Previous by Thread:	[FW-1] VPN1 Edge - R55 Site to Site VPN, alex
Next by Thread:	Re: [FW-1] VPN1 Edge - R55 Site to Site VPN, Ray
Indexes:	[Date] [Thread] [Top] [All Lists]