I have already tried checking the hybrid mode. Actually it only works if hybrid
mode is checked.
It means I can anthenticate the Secureclient with the username defined in the
GUI and the password defined in the user Authentication Tab. I cant
anthenticate the user with the couple username and pre shared key :/
-----Message d'origine-----
De : Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] De la
part de sin
Envoyé : vendredi 3 mars 2006 08:44
À : [email protected]
Objet : Re: [FW-1] Secureclient : Could not agree on common methods
Philippe Blavier wrote:
> Hi,
>
>
> I have a trouble authenticating my SecureClients with IKE(pre shared key). I
> can get them authenticated only using the internal user and password. Trouble
> is that the internal password only supports password less than 8 characters.
>
> On Global properties :
> - Preshared key Secret (for Secureclient securemote usersà is checked
> - Public key is checked and cant be unchecked
> - Hybrid mode is unchecked
>
> In the user properties
> - IKE is checked in the user encryption tab
> - a preshared secret has been defined
> - public key is checked
> - the ike encryption tab is grayed.
>
> Every time a user attempts to connect the cluster (VPN-1 Express cluster with
> IPSO clustering) I get the following message in the log viewer :
>
> - reason: Client Encryption: Could not agree on common methods.
> IKE: Main Mode Sent Notification to Peer: Client Encrypt Notification: [0008]
> Could not agree on common methods.
> - Check that the user is properly defined.
>
> I am wondering if this is a licencing issue or a config issue since I get
> working the secureclient in office mode using the internal auth methode.
>
check hybrid mode, install policy and give it a go.
(last time i saw this was beacause of hybrid mode not being checked)
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL
PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email
[EMAIL PROTECTED] =================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
