Hi!
All i know about udp-encap ist this(maybe a help):
To configure the UDP Encapsulation Mode for FireWall-1 4.1 SP2 and later service packs
of FireWall-1 4.1, create a service called VPN1_IPSEC_encapsulation if it does not
already exist. Create it with port UDP 2746. Then add the following section to the
section with your gateway object to objects.C:
:isakmp.udpencapsulation (
:resource (
:type (refobj)
:refname<
("#_VPN1_IPSEC_encapsulation")
)
:active (true)
)
Re-install the policy.
In NG, you can configure UDP Encapsulation in the Policy Editor in the IKE Properties.
Regards Thomas
-----Ursprungliche Nachricht-----
Von: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] Auftrag von
Figaro, Nicolas
Gesendet: Freitag, 19. Dezember 2003 14:50
An: [EMAIL PROTECTED]
Betreff: Re: [FW-1] Nokia IP120 and Check Point Config Questions
It looks like the ng fp3 gui doesn't work with
ng fp2 management server, or the default filter is loaded on the nokia.
Try to run a tcpdump on the ip 120 to see if the management traffic
works fine between
IP120 and gui.
Nicolas figaro
-----Original Message-----
From: Al Barnett [mailto:[EMAIL PROTECTED]
Sent: Friday, December 19, 2003 1:11 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] Nokia IP120 and Check Point Config Questions
Hi All,
I have a Nokia IP120 with IPSO 3.6 FCS 3 installed.
It has the following pre-installed
Check Point VPN-1/Firewall-1 NG Feature Pack 2
Check Point Policy Server NG Feature Pack 2
Check Point SVN Foundation Ng Feature Pack 2
I also have a Check Point license for Firewall-1 SmallOffice for 10 IP
but the CD that came with the license is NG Feature Pack 3 Enterprise
Suite.
I would like to run the Nokia as a stand-alone Check Point device and
configure it using a remote GUI client from a Windows XP PC.
I have activated the Check Point software on the Nokia IP120 and I have
used cpconfig to created an administrator's account and enabled the
remote PC's IP address as an accepted GUI client host.
I have also installed the Remote GUI software from the Enterprise Suite
CD.
When I attempt to connect to the Nokia I get a 'Connection cannot be
established. Incompatible version of Server'.
My first question has to be is the above scenario possible? I am new to
the Check Point way of doing things and could easily be trying to do the
impossible.
All suggestions gratefully received ...
Thanx in advance
Al Barnett
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
