On 16/08/10 22:40, M. N. wrote: > We have a Check Point firewall at NGX R65 HFA60 running in a distributed > environment and one of our customer had a 3rd party execute a PCI scan on > the firewall and the results came back with a red flag: "Weak encryption > algorithm support detected on ISAKMP/UDP500 service"
Can they explain what weak encryption algorithm this is? Because it sounds a lot like an automated scan for which you might be paying way too much. > We have tried just about everything we could configuration wise including > limiting support to ONLY 3DES/AES-256 in the Global Properties but a 2nd > scan yielded the same results. Check Global properties, gateway properties and community properties. Hugo. -- [email protected] http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
