I have a Sofaware Edge X, firmware 4.5.64x. Management center R55 HFA13. I'm trying to configure a vpn edge to pix, no nat involved, using shared secret, 3des, sha.
While connected to the management center if I try to configure a vpn profile from dashboard, install, "update" on edge, in debug crypto isakmp I see the pix won't accept any proposal. I checked the usual things (network mismatch, parameter mismatch, renegotiation periods), everything seems ok. The configuration was done in simplified mode, star community using shared secrets. However if on the edge I add manually another vpn site with same parameters from the edge web interface, the vpn comes up nicely and works. Obviously in that way rules can't be configured centrally, it seems either I use "vpn does bypass firewall" and let flow everything or I don't and get nothing. At least I know the pix stuff should be ok. Are there any specific known gotchas around ? Or some documentation or sample configurations more specific than the usual "checkpoint to pix configuration sample" ? I didn't find anything useful yet :( Thanks Heiko -- -- PREVINET S.p.A. www.previnet.it -- Heiko Herold [EMAIL PROTECTED] [EMAIL PROTECTED] -- +39-041-5907073 ph -- +39-041-5907472 fax ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
