The Edge is in its own community. Moved it out of the community the working Edge boxes were in.
You are correct about SmartCenter. I miss typed. I am accepting all encrypted traffic via the check box. I also have a manual rule setup (as with the working ones) with the source and destination correctly. SmartCenter is on HFA_004. SmartView Status shows the Edge as OK. My logs show the Edge from time to time as there is little traffic at this point but it does not show up in the community column as the others do. Don't know what else to tell you. Thanks for the effort. Steve -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Ray Sent: Wednesday, February 16, 2005 6:30 PM To: [email protected] Subject: Re: [FW-1] VPN-1 Edge X Setup Is this Edge in the same community as the ones that are working? By "Service Center" I assume you mean "SmartCenter" and not a real SofaWare Service Center? Are you accepting all encrypted traffic via the check box or do you have a manual VPN rule set up? If the latter, do you have both the R55 gateway and the Edge box in Source and Destination? Is the Edge managed by SmartCenter or did you do a manual shared secret thing? If SmartCenter, what HFA are you on? There were a lot of Edge-related fixes around HFA07. The only time I had this one-way VPN issue was on an early firmware (like a year ago almost) and once when I had the NAT settings messed up. Ray >From: "Stephen W. Stewart" <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[email protected]> >To: [email protected] >Subject: Re: [FW-1] VPN-1 Edge X Setup >Date: Wed, 16 Feb 2005 14:32:28 -0600 > >Another piece of the puzzle to think about. > >When trying to connect to a Service Center my FW-1 log shows the >following message: > >message_info: Implied rule encryption failure: Different community ID, >possible NAT problem (VPN Error code 02) > >Steve > > >-----Original Message----- >From: Mailing list for discussion of Firewall-1 >[mailto:[EMAIL PROTECTED] On Behalf Of Ray >Sent: Wednesday, February 16, 2005 10:12 AM >To: [email protected] >Subject: Re: [FW-1] VPN-1 Edge X Setup > >Check out 5.0.50. It fixed a bunch of VPN problems in 5.0.43 including >a memory leak that made me have to reboot mine every few days. > >Ray > > >From: Russell Aspinwall <[EMAIL PROTECTED]> > >Reply-To: Mailing list for discussion of Firewall-1 > ><[email protected]> > >To: [email protected] > >Subject: Re: [FW-1] VPN-1 Edge X Setup > >Date: Wed, 16 Feb 2005 14:15:15 +0000 > > > >Hi, > > > >I have used a variety of firmware versions on the Edge and found > >v5.0.43x a vast improvement since v4.0.93x and many in between. Site > >to > > >Site VPNs offer a significantly better level of performance and > >reliability, primarily NGAI R55 to Edge, Edge to Edge VPNs have not > >been a problem. > > > >Stephen W. Stewart wrote: > >>Hi All, > >> > >>Trying to set up an Edge X box for a remote office in Site to Site >mode. > >>I currently have 2 other sites that are working just fine. The only > >>difference with the new X is that it will have a static IP and the > >>two > > >>that are working are using DHCP. > >> > >>I can create the site and then look in the reports section at the > >>VPN Tunnels section and nothing shows up. If I ping the internal IP > >>of the X box a tunnel is established and the X box replies. I > >>cannot ping the other way into the "home" network behind the FW-1. > >> > >>The established tunnel shows IKE (Phase 1): 3DES/SHA1. > >> > >>Any ideas? > >> > >>Thanks > >> > >> > >>Stephen W. Stewart > >> > >>================================================= > >>To set vacation, Out-Of-Office, or away messages, send an email to > >>[EMAIL PROTECTED] > >>in the BODY of the email add: > >>set fw-1-mailinglist nomail > >>================================================= > >>To unsubscribe from this mailing list, please see the instructions > >>at http://www.checkpoint.com/services/mailing.html > >>================================================= > >>If you have any questions on how to change your subscription > >>options, email [EMAIL PROTECTED] > >>================================================= > >> > > > > > >-- > >Regards > > > >Russell > > > >================================================= > >To set vacation, Out-Of-Office, or away messages, send an email to > >[EMAIL PROTECTED] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your subscription options, > >email [EMAIL PROTECTED] > >================================================= > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [EMAIL PROTECTED] >================================================= > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [EMAIL PROTECTED] >================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
