Conspiracy theories aside (not going to speculate on CP's policies on support/software bugs, etc), this is exactly what happened. After spending far too much time trying to get this VPN up and running (between Cisco and Checkpoint), the solution was to put a Cisco router in parallel with the FW-1. VPN was up in a matter of minutes.
- Jim
Hal Dorsman wrote:
Jim raises an interesting point. It may fall into the realm of conspiracy theories, but especially in the era of outsourcing support to third world countries that pay their support people six bucks a day, tech support suddenly becomes a huge money maker instead of an unavoidable cost center. What motivation does a software manufacturer have to provide independence and ability for self support to their customers? Absolutely none. It certainly is arguable that a manufacturer would intentionally withhold information, possibly even intentionally release buggy software in order to create and perpetuate said dependence. The fact that some companies, Checkpoint among them, intentionally withhold vital information from users without support contracts clearly supports this contention. Cisco is one exception, and possibly the best example of a company that puts everything possible out in the public domain without requiring high support costs. I have never ever had problems finding the information I need to troubleshoot and fix Cisco problems. I have always had trouble finding the necessary information about Checkpoint products.
What recourse does the end user have in this environment? Purchase and use products that provide all available information to the public domain. That will provide a self correcting process in the marketplace.
Just my .02 black helicopters.
Hal
-----Original Message----- From: Jim Burwell [mailto:[EMAIL PROTECTED] Sent: Friday, April 16, 2004 6:07 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Is it true about relicensing checkpoint
Hi,
So it's true that VPNs still fail, even under CPNG if you license the inside interface instead of the outside interface ? I recently tried to get a Cisco <-> CPNG VPN going between our Cisco router and customer's CPNG FW which was configured totally wrong (it was amazing how screwed up it was!) Couldn't never get it to work. Not having access to the 'real' CP KB, or any CPNG docs didn't help much either (Can't believe CP doesn't even let you download docs w/o a contract).
Suprised CP doesn't do something to resolve issues like this. It'd make life easier on people who have to support their product, and likely significantly reduce their tech support call volume.
- Jim
-- +------------------------------------------------------------- --------------+
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- +---------------------------------------------------------------------------+ | Jim Burwell - Sr. Systems/Network/Security Engineer, JSBC | +---------------------------------------------------------------------------+ | "I never let my schooling get in the way of my education." - Mark Twain | | "UNIX was never designed to keep people from doing stupid things, because | | that policy would also keep them from doing clever things." - Doug Gwyn | | "Cool is only three letters away from Fool" - Mike Muir, Suicyco | | "..Government in its best state is but a necessary evil; in its worst | | state an intolerable one.." - Thomas Paine, "Common Sense" (1776) | +---------------------------------------------------------------------------+ | Email: [EMAIL PROTECTED] ICQ UIN: 1695089 | +---------------------------------------------------------------------------+ | Reply problems ? Turn off the "sign" function in email prog. Blame MS. | +---------------------------------------------------------------------------+
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
