>When i try to create a new Site on the Client side i get the error message >"Site megamos says that it is not a CA >Check whether you have got the right IP-Adress for XXXXX >and check with the FW-1 admin there wether xxx.xxx.xxx.xxx is >indeed a FW-1 control station." Guido, You need to generate your RSA public/private key pair and DH keys. To do this, you need to enable FWZ in your firewall object's VPN tab. In the properties of FWZ, in the Key Manager tab generate our "exponent" and "modulus" [(e,n) RSA Public Key]. Under the DH tab, generate your DH key. This will allow for the session. If you want to force authentication of topo downloads, make sure that you have UNCHECKED "Respond to Unauthenticated Clear Topo requests" in the Desktop Security tab of the Policy Properties dialogue box. Good luck, Amin Tora, CISSP ePlus Technology http://www.eplus.com NASDAQ: PLUS ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
