For the pre-share to be used you must have the auth type for the user undefined.
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Philippe Blavier Sent: Sunday, March 05, 2006 6:18 AM To: [email protected] Subject: Re: [FW-1] Secureclient : Could not agree on common methods Just to be sure we are agree on what we re talking : In user properties, you have the authentication tab and the encryption tab. The first one lets you define a password (8 characters max) and the second tab lets you use an IKE auth based on either a pre shared key (which doesnt work) or a public key. I need to get working the authentication based on the pre shared key but VPN-1 only accepts the password defined in the authentication tab. I should not be alone to authenticate my remote users with a pre shared secret ? Thx Philippe BLAVIER International Network Administrator +33 1.46.01.48.22 [EMAIL PROTECTED] -----Message d'origine----- De : Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] De la part de Reinhard Stich Envoyé : samedi 4 mars 2006 22:33 À : [email protected] Objet : Re: [FW-1] Secureclient : Could not agree on common methods At 20:02 04.03.2006, you wrote: >Ok but what is the purpose of the pre shared secret in the encryption >tab in users properties ??? to authentiate your VPN-client. >Trouble if this is a normal behaviour is we can not authenticate users >with complex passwords : >no more 8 characters in the authentication tab :/ well, use certificates for authentication, that's much more secure. and better with smartcards, for example aladdin etoken. cheers reinhard >Very strange ... > > >Philippe BLAVIER >International Network Administrator >+33 1.46.01.48.22 >[EMAIL PROTECTED] > > > >-----Message d'origine----- >De : Mailing list for discussion of Firewall-1 >[mailto:[EMAIL PROTECTED] De la part de sin >Envoyé : vendredi 3 mars 2006 16:22 À : >[email protected] >Objet : Re: [FW-1] Secureclient : Could not agree on common methods > >Philippe Blavier wrote: > > > > > > > > I have already tried checking the hybrid > mode. Actually it only works if hybrid mode is checked. > > It means I can anthenticate the Secureclient with the username > > defined in the GUI and the password defined in the user > > Authentication Tab. I cant anthenticate the user with the couple > > username and pre shared key :/ > > > >this is the normal and expected behavior: >either username/passwod combination or user certificate. > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [EMAIL PROTECTED] >================================================= > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [EMAIL PROTECTED] >================================================= -- Reinhard Stich ASSIST [EMAIL PROTECTED] Internet Security AG, 1150 Wien, Johnstrasse 29 Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-333 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
