> From: Rod Cappon <[EMAIL PROTECTED]>
> The key is do not do PFS and ensure that you manually bypass the NAT on the
Actually you can enable PFS. Checkpoint only supports oakley group 1 (768),
but default this is what PIXes use also.
> isakmp identity hostname
careful if ur hostname is not registered, if that's the case, use
isakmp identity address
--
Jian L. Zhen
<[EMAIL PROTECTED]>
wasaaaaaaaaaaaaaaaaaaaaaabi
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
