Did the user defined for RADIUS authentication? Does the SecuRemote client matches the user properity definition (3DES for 3DES)?
Yim --- Brian Tobin <[EMAIL PROTECTED]> wrote: > I am testing implementation of RADIUS Authentication > for my SecureRemote > Users. I have one test user set for RADIUS > authentication and I have > followed the directions for CheckPoint Solution ID > 3.0.681205.2302683 almost > exactly. > > The only question I have is regarding Step #6, "You > can now create normal > authentication rules (e.g. User Authm Client Auth, > Session Auth). I not > sure what context this is meant for RADIUS. Any > ideas? > > When my test user attempts SecureRemote access, I > get the following in the > logs: > 1. deauthorize - reason No Policy > 2. authcrypt - reason Client Encryption: > Authentication by Pre-Shared > secret scheme > 3. key install - IKE Log: Phase 1 completion > 4. reject - reason Client Encryption: The user > is not defined properly. > 5. key install - IKE Log: Sent Notification: > Client Encrypt > Notification > > It then repeats #4 and #5. I have not made any > changes to my rulebase, > except for allowing two-way traffic between the > RADIUS server and the > firewall over RADIUS port. Currently, my > SecureRemote rule is: > Users@Any Any Any Client Encrypt > > Thanks... > __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
