carlopmart a écrit :
Hi all,
I am trying to configure a site-to-site VPN between a CP NGX R70
gateway and StoneGate firewall without luck.
StoneGate doesn't have a static ip address, it uses dynamic ip
because it is connected to an ADSL line.
Reading CP documentation, it is only possible to establish this
tunnel using certificates on IKE Phase-1. I have imported stonegate
certificate to checkpoint gateway and I have setup interoperable
device with dynamic ip adress. But I only see this error:
Authentication failed ... Why? Wheres is the problem if cp gateway has
stongate CA and gw certifcate??
a regular ipsec should accept aggressive mode when one device uses
dynamic IP.
Any doc about configuring site-to-site VPN with dynamic Ip's on
interoperable devices??
searching through the vpn admin guide for aggressive doesn't show much
results.
I guess you already asked checkpoint TAC about this.
Many thanks.
Scanned by Check Point Total Security Gateway.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
