Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] VPN certificate for site-to-site VPN

from cisco4ng [Permanent Link]
Subject: Re: [FW-1] VPN certificate for site-to-site VPN
From: cisco4ng <cisco4ng AT YAHOO DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 23 Jan 2007 17:54:27 -0800 
>From my personal, mutual site-to-site vpn between Checkpoint and other vendors 
>do NOT 
  work too well.  I've tried between CP NG with AI and NGx with Cisco IOS/Pix 
firewall with
  external certificate such as Microsoft CA Server and the site-to-site VPN 
does not work.
  I've called up both CP and Cisco TAC and they told me that this is a 
non-supported
  configuration, go figure.
   
  I've successfully setup site-to-site VPN between Checkpoint firewalls with 
Microsoft CA
  Server.  I've also successfully setup  site-to-site between Cisco IOS and 
Cisco Pix firewalls
  with Microsoft CA Server.  The VPN will work if both ends are of the same 
vendors.
   
  Even if you get it working, you may be the only person ending up supporting 
it.  

Yann Roger <yroger AT NETCOURRIER DOT COM> wrote:
  Hi all,

I want to build a VPN connection (site-to-site) between my CheckPoint NGX R60 
and an IP filter gateway. Mutual authentication will be done through 
certificate.

So, how do I generate a certificate for the IP filter ?
Do I need to use the ICA Management tool, or is it only for managed gateway ?

Thanks in advance for any answer,

Yann Roger

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


 
---------------------------------
Any questions?  Get answers on any topic at Yahoo! Answers. Try it now.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] How is FW capacity limit in IP740 IPSO3.8 with R55, Rajeev Gupta
Next by Date:  Re: [FW-1] NTP Access, Yang Xiao
Previous by Thread:  [FW-1] VPN certificate for site-to-site VPN, Yann Roger
Next by Thread:  [FW-1] New CP article on US Daylight Saving Time change, Ray
Indexes:  [Date] [Thread] [Top] [All Lists]