Jeff, Make also sure your SecuRemote package is STRONG (support for 3DES).
Yim --- Jeff Harris <[EMAIL PROTECTED]> wrote: > I checked the encrytion and it is set to use 3DES, > our FW is licensed for 3DES and also i forgot to add > we also have a license for sercuremote. Not sure > what could be the problem > > thanks > > -----Original Message----- > From: <Aaron Reynolds> > [mailto:Aaron.Reynolds@;FRANKLINCOVEY.COM] > Sent: Thursday, October 24, 2002 6:55 PM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Securemote IKE > > > Check the client, and make sure that they are > running the right encryption. > So if you are 3DES at the firewall, make sure they > are not running DES. > This may not be the answer. I am not running NG, but > in 4.1, I had a similar > error of "User undefined", which ended up being this > very problem. Let me > know. > > -Aaron > > -----Original Message----- > From: Jeff Harris [mailto:Jeff.Harris@;VIA-IT.COM] > Sent: Thursday, October 24, 2002 11:57 AM > To: [EMAIL PROTECTED] > Subject: [FW-1] Securemote IKE > > > Greetings > > I ran into a problem setting up securemote ver > NGFP1. I keep getting > "negotiation with gateway 123.123.123.123 at site > 123.123.123.123 has > failed. user unknown" after it verifies the > certificate. After reviewing the > logs I can see its getting dropped by rule 0 and it > reads "reason Client > encryption: user unknown. Now I have double checked > the username and > password in the FW db and also check my IKE setting, > checked the box to > export topology to securemote but still no luck. I > have this rule setup > > source dest > service > action > > remoteuser@any Encrypted_dom any > Client encrypt > > > this is a fresh install on w2k FW NG FP1 > > > Any ideas would be greatly appreciated > > J > > > This electronic message and all contents and > attachments contain information > from the firm VIA Information Tools Inc. and/or its > affiliates, which may be > privileged, confidential or otherwise protected from > disclosure. The > information is intended to be for the addressee > only. If you are not the > addressee, or otherwise have reason to believe that > you have received this > message in error, then any disclosure, copy, > distribution or use of this > message, or its contents or any of its attachments, > is prohibited. If you > have received this electronic message in error, > please notify us immediately > (phone: 248.601.6400, fax: 248.601.6411) and destroy > the original message > and all copies. > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= __________________________________________________ Do you Yahoo!? Y! Web Hosting - Let the expert host your web site http://webhosting.yahoo.com/ ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
