I can not tell from the information you provided what mechanism you are using, but UDP encapsulation is the common method for doing IPSEC VPNs if you are going to NAT.
----- Original Message ----- From: "Madigan, John" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, September 27, 2002 8:27 AM Subject: [FW-1] IPSEC NAT Traversal > I have a remote VPN setup to connect to a VPN-1 Secure Server with a private > IP address. This traffic must get tunnelled thru my FW-1 4.1 SP6 firewall, > where a manual NAT takes place on this connection. The goal is for an > end-to-end encrypted connection for remote site VPN access directly to the > VPN-1 Secure Server. > > The remote site uses a SonicWall firewall and is able to reach the VPN-1 > Secure Server. The encryption setup is IKE, SHA1,and ESP with pre-shared > secret. Phase 1 > of the negotiation completes successfully, but the logs reveal: IKE Log: > Received Notification from Peer, no Proposal Chosen. > > The SonicWall log reveals: NAT Discovery: Peer IPSEC Security Gateway does > not Support VPN NAT Traversal. > > Is there a fix for this like maybe an entry added to the Objects.C file on > the Management Server? > > Many thanks for your feedback. > > John > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
