You can setup a VPN to an IP30 as I have done it. You have to use a manual setup but you can use pre shared secrets. What you can't do until FP3 is push a policy out as you need the plugin which I am told only works on FP3
-----Original Message----- From: Jason Costomiris [mailto:[EMAIL PROTECTED]] Sent: 30 January 2003 03:33 To: [EMAIL PROTECTED] Subject: Re: [FW-1] VPN between CP NG FP2 and Nokia IP30 On Wednesday, January 29, 2003, at 03:12 PM, Eyal Rif wrote: > Hi, > > I am currently trying to setup a VPN betwee CP NG FP2 and Nokia IP30. > > i am currently working with "simplfied mode",i am trying to setup a > vpn with preshared secert. > I want to tell CP NG FP2 to use a certain "preshared secert" in order > to establish the VPN but i can't find how to do it. You can't. VPN Communities don't support pre-shared secrets until FP3. You should be able to setup the ip30 in your object database as an ng fp2 firewall, just don't try to establish SIC. You tell it vpn-1 is installed, let the ICA gen a cert for the ip30 object, and use the cert extract util to export a pkcs12 package to deliver the certificate to the IP30. Then use the cert to authenticate the VPN. Now you can use VPN Communities in FP2. Just don't try to install a policy on the ip30 from the fp2 gui. > Can anyone please reference me to a document explaining how to > establish a vpn between Nokia IP30 & CP NG FP2? You'll either have to do traditional mode, extract certs or move to fp3. managing the ip30s with the fp3 management console + SSC (SofaWare SmartCenter Connector) is a breeze. You still have to manually define your vpn policy on the ip30 side of things, but it's not too bad. -- Jason Costomiris <>< E: jcostom {at} mac {dot} com / W: http://www.jasons.org/ Quidquid latine dictum sit, altum viditur. ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= The information in this message including any attachments may be confidential or privileged and is for the use of the named recipient only. If you are not the named or intended recipient you may not copy, distribute, or deliver this message to anyone or take any action in reliance on it. If you receive this message in error please contact the sender immediately and delete it from your system ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
