Have you tried
srfw monitor ?
Maybe it would help you, can you telnet to the port 264?
Best Regards
lino
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Scott
Tobias
Sent: Martes, 25 de Abril de 2006 04:56 p.m.
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] Cannot Get Topology on new SC setup
It might be but you saw it in the log. So would have to filter the IKE
traffic coming back from the firewall to the client.
On 4/25/06, Sean Donaghey/HDGH <Sean.Donaghey AT hdgh DOT org> wrote:
>
> I got it working. I had to enable 'IKE over TCP' on the SC client. I
> never had to do this before. Could our ISP be doing some filtering on
> Port 500 UDP?
>
>
> Sean
>
>
>
>
>
> Scott Tobias <stobias14 AT GMAIL DOT COM>
> Sent by: Mailing list for discussion of Firewall-1
> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> 04/25/2006 03:02 PM
> Please respond to
> Mailing list for discussion of Firewall-1
> <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
>
>
> To
> FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> cc
>
> Subject
> Re: [FW-1] Cannot Get Topology on new SC setup
>
>
>
>
>
>
> Sean
>
> Are you logging the implied rules ? Do you see an FW1_topo (TCP port
> 264) requests ?
> Could this port be blocked on a upstream router ?
>
>
> On 4/25/06, Sean Donaghey/HDGH <Sean.Donaghey AT hdgh DOT org> wrote:
> >
> > All of a sudden on a new clean install I cannot get the topology to
> > download. I am using Username and password authentication, and it
> > just tries for a long time, and then errors out with a 'Timeout Error'.
> >
> > In the logs, I see an inbound FW1_top, and ISAKMP request from the
> > SC computer, and they are both accepted. This problem is not
> > affecting VPN users that already have a site defined, just the ones
> > that needs to add the site.
> >
> > What can I check to find out what is going on?
> >
> > Thanks,
> >
> > Sean
> >
> >
> >
> > The information contained in this e-mail message is confidential and
> > protected by law. The information is intended only for the person
> > or organization addressed in this e-mail. If you share or copy the
> > information you may be breaking the law. If you have received this
> e-mail
> > by mistake, please notify the sender of the e-mail by the telephone
> number
> > listed on this e-mail. Please destroy the original; do not e-mail
> > back the information or keep the original.
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages, send an email to
> > LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list, please see the instructions
> > at http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your subscription
> > options, email fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send an email to
> LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your subscription options,
> email fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
>
>
>
> The information contained in this e-mail message is confidential and
> protected by law. The information is intended only for the person or
> organization addressed in this e-mail. If you share or copy the
> information you may be breaking the law. If you have received this
> e-mail by mistake, please notify the sender of the e-mail by the
> telephone number listed on this e-mail. Please destroy the original;
> do not e-mail back the information or keep the original.
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send an email to
> LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your subscription options,
> email fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
