Check you settings for "support key exchange for subnets" -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Brandon Liew Sent: Saturday, 25 November 2006 11:21 AM To: [email protected] Subject: [FW-1] Site to Site VPN Tunnel to Netscreen FW
Dear All, i am having a strange problem.with IP390 firewall running on NGX61. I had set a vpn site to site connection to a netscreen firewall. The error i got it from my smart view tracker - encryption fail reason: Packet is dropped because there is no valid SA From the Smart View Tracker i am able to see the tunnel established. From my vendor network they able to telnet/ping to the segment permited on my internal IP But from my site i am not able to do ping/telnet/ftp and the traffic drop by my cluster firewall with error " The error i got it from my smart view tracker - encryption fail reason: Packet is dropped because there is no valid SA " Any solution or anyone encounter this problem b4 ? -- Warmest Regards Brandon Liew CONFIDENTIAL POLICY: "THIS E-MAIL AND ANY FILES TRANSMITTED WITH IT CONTAINS INFORMATION WHICH MAY BE CONFIDENTIAL IT IS INTENDED SOLELY FOR THE USE OF THE INDIVIDUAL OR THE ENTITY TO WHOM THEY ARE ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, PLEASE BE ADVISED THAT YOU HAVE RECEIVED THIS E-MAIL IN ERROR AND THAT ANY USE, DISSEMINATION, FORWARDING OR PRINTING OF THIS E-MAIL IS STRICTLY PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE NOTIFY US BY RETURN E-MAIL AT THE ADDRESS ABOVE AND DELETE THE E-MAIL FROM YOUR FILES. THANK YOU FOR YOUR CO-OPERATION." ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
