Hello Checkpoint gurus :-)

I was wondering if you can help me. Basically we have a Checkpoint FW-1 4.1 (Nokia IP330) and 2 locations connected to it through site-to-site VPN (both locations have Cisco devices - router and firewall). I tried to set up a secure connection between them and failed. "Encryption failure. Neither source nor destination are in my domain scheme : FWZ" is in the log and packets are dropped. When they connect directly to us (just main office and one of the branches) everything is fine. So, generally speaking, we have a "hub and spoke" configuration. I was wondering what I need to configure on Checkpoint in order to allow such communications through it.

Quick picture:
CiscoRouter---vpn---Checkpoint---vpn---CiscoPIX

Router to FW-1 and back works fine
PIX to FW-1 and back works fine
Router to PIX or back doesn't work.

I have found some info suggesting that on the "HUB" I need to configure a rule like:

Rule 1 src: All_HUB_VPN_Domains dst: All_HUB_VPN_Domains

Is that right? I don't want to try it without getting some sort of second opinion.

Any ideas would be much appreciated.

Kind regards,
Alexander
