Have you tried srfw monitor ?
Maybe it would help you, can you telnet to the port 264? Best Regards lino -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Scott Tobias Sent: Martes, 25 de Abril de 2006 04:56 p.m. To: [email protected] Subject: Re: [FW-1] Cannot Get Topology on new SC setup It might be but you saw it in the log. So would have to filter the IKE traffic coming back from the firewall to the client. On 4/25/06, Sean Donaghey/HDGH <[EMAIL PROTECTED]> wrote: > > I got it working. I had to enable 'IKE over TCP' on the SC client. I > never had to do this before. Could our ISP be doing some filtering on > Port 500 UDP? > > > Sean > > > > > > Scott Tobias <[EMAIL PROTECTED]> > Sent by: Mailing list for discussion of Firewall-1 > <[email protected]> > 04/25/2006 03:02 PM > Please respond to > Mailing list for discussion of Firewall-1 > <[email protected]> > > > To > [email protected] > cc > > Subject > Re: [FW-1] Cannot Get Topology on new SC setup > > > > > > > Sean > > Are you logging the implied rules ? Do you see an FW1_topo (TCP port > 264) requests ? > Could this port be blocked on a upstream router ? > > > On 4/25/06, Sean Donaghey/HDGH <[EMAIL PROTECTED]> wrote: > > > > All of a sudden on a new clean install I cannot get the topology to > > download. I am using Username and password authentication, and it > > just tries for a long time, and then errors out with a 'Timeout Error'. > > > > In the logs, I see an inbound FW1_top, and ISAKMP request from the > > SC computer, and they are both accepted. This problem is not > > affecting VPN users that already have a site defined, just the ones > > that needs to add the site. > > > > What can I check to find out what is going on? > > > > Thanks, > > > > Sean > > > > > > > > The information contained in this e-mail message is confidential and > > protected by law. The information is intended only for the person > > or organization addressed in this e-mail. If you share or copy the > > information you may be breaking the law. If you have received this > e-mail > > by mistake, please notify the sender of the e-mail by the telephone > number > > listed on this e-mail. Please destroy the original; do not e-mail > > back the information or keep the original. > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, send an email to > > [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, please see the instructions > > at http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your subscription > > options, email [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription options, > email [EMAIL PROTECTED] > ================================================= > > > > > The information contained in this e-mail message is confidential and > protected by law. The information is intended only for the person or > organization addressed in this e-mail. If you share or copy the > information you may be breaking the law. If you have received this > e-mail by mistake, please notify the sender of the e-mail by the > telephone number listed on this e-mail. Please destroy the original; > do not e-mail back the information or keep the original. > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription options, > email [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
