Reginald, I take it that the ISAKMP errors are coming from the Checkpoint Firewall? Make sure you are doing encryption between two host targets and not subnet to host or host to subnet encryption. The 4.1 version of Checkpoint does support subnets for encryption targets, but I am not sure about the 4.0 version of the Checkpoint product. This is most likely what is causing the issue. I am sure others have ideas as well, but this is what I first thought of.
Lance ----- Original Message ----- From: "Reginald Shorter" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 21, 2002 5:11 PM Subject: W2k and FW-1 > > > > Anyone ever seen this error? > Trying to setup a VPN to VPN gateway....CP FW-1 ver. 4.0 SP5 and W2K > (SP2) > > ISAKMP LOG PHASE 1 Completion DES/MD5/Pre shared secrets Negotiation id: > xxxxxxxxxxxxxxxxxxxx > ISAKMP LOG Sent Notification: invalid id information <phase2 stage1> peer > may have sent an ID of type subnets, which is not supported in this version > Negotiation id xxxxxxxxxxxx > > > > > > Reginald C. Shorter > University System of Maryland Service Center > Network and Systems Engineer > Phone: 301.809.3198 > Email: [EMAIL PROTECTED] > Fax: 301.809.3130 > <<Reginald Shorter.vcf>> > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
