I got it working. I had to enable 'IKE over TCP' on the SC client. I
never had to do this before. Could our ISP be doing some filtering on
Port 500 UDP?
Sean
Scott Tobias <stobias14 AT GMAIL DOT COM>
Sent by: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
04/25/2006 03:02 PM
Please respond to
Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To
FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc
Subject
Re: [FW-1] Cannot Get Topology on new SC setup
Sean
Are you logging the implied rules ? Do you see an FW1_topo (TCP port 264)
requests ?
Could this port be blocked on a upstream router ?
On 4/25/06, Sean Donaghey/HDGH <Sean.Donaghey AT hdgh DOT org> wrote:
>
> All of a sudden on a new clean install I cannot get the topology to
> download. I am using Username and password authentication, and it just
> tries for a long time, and then errors out with a 'Timeout Error'.
>
> In the logs, I see an inbound FW1_top, and ISAKMP request from the SC
> computer, and they are both accepted. This problem is not affecting VPN
> users that already have a site defined, just the ones that needs to add
> the site.
>
> What can I check to find out what is going on?
>
> Thanks,
>
> Sean
>
>
>
> The information contained in this e-mail message is confidential and
> protected by law. The information is intended only for the person or
> organization addressed in this e-mail. If you share or copy the
> information you may be breaking the law. If you have received this
e-mail
> by mistake, please notify the sender of the e-mail by the telephone
number
> listed on this e-mail. Please destroy the original; do not e-mail back
> the information or keep the original.
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
The information contained in this e-mail message is confidential and
protected by law. The information is intended only for the person or
organization addressed in this e-mail. If you share or copy the
information you may be breaking the law. If you have received this e-mail
by mistake, please notify the sender of the e-mail by the telephone number
listed on this e-mail. Please destroy the original; do not e-mail back
the information or keep the original.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
