The encryption domains are not correctly defined.  Ensure the enc. domain
for the first firewall includes all hosts behind it and NAT'd addresses,
including the firewall if you are hiding behind it.  Likewise for the
second firewall.


Karim Ismail
Internet: [EMAIL PROTECTED]


"Jesus Calvo Hernandez" <[EMAIL PROTECTED]> on 05/22/2000 12:13:41 PM

Please respond to "Jesus Calvo Hernandez" <[EMAIL PROTECTED]>

To:   [EMAIL PROTECTED]
cc:
Subject:  [FW1] Encryption failure: No peer gateway found for the
      destination scheme SKIP





Hi

I'm having serious problems to get a vpn link working being these based on
this:

Encryption failure: No peer gateway found for the destination scheme SKIP

I will explain it now below. Would you be so kind to give an advice?


Question:

I am trying to set up a vpn link between a customer firewall 1 version 4.1
vpn des and my firewall 1 version 4.0 vpn des. This last one is configured
on a distributed basis, one machine being the management station and
another different the firewall itself. The management machine  has got its
external public address as a nat of the internal private address. The
firewall has got one internal nic and another external one, no nat then.

We have successfully fetched CA and DH keys on both firewalls from each
opposite one, for what previously we defined a rule permitting FW service
(port 256 tcp) between  my management station and the remote firewall.
Encryption scheme is SKIP.

The problem is that once done this when trying any communication (pinging,
for example) on the log of my firewall always appears:

I have defined correctly encryption domain for my firewall and customer
firewall, being it the internal nets of each one and in the case of the
customer also its firewall because it is also a mail server and needs
encryption.

Rules stating encrypted traffic between both encryption domains are also
added.

What can be happening?

Regards
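
An added example, not part of the original thread: a simplified model of the check the reply at the top asks for, run over an encryption-domain definition that lists only the internal nets. It assumes a gateway chooses its peer by finding the encryption domain that contains the address; the gateway names and all addresses are constructed.

```python
import ipaddress

def find_peer_gateway(addr, enc_domains):
    """Return the gateway whose encryption domain contains addr, else None.

    None models the logged "No peer gateway found for the destination".
    """
    ip = ipaddress.ip_address(addr)
    for gateway, networks in enc_domains.items():
        if any(ip in ipaddress.ip_network(n) for n in networks):
            return gateway
    return None

def audit(enc_domains, must_encrypt):
    """List (gateway, address) pairs that are not covered by that gateway's domain."""
    return [(gw, addr)
            for gw, addrs in must_encrypt.items()
            for addr in addrs
            if find_peer_gateway(addr, enc_domains) != gw]

# Constructed addresses: RFC 1918 nets inside, RFC 5737 documentation nets outside.
# Addresses each side expects to reach through the tunnel.
MUST_ENCRYPT = {
    "fw-local":    ["10.1.0.5",       # management station, private address
                    "192.0.2.10"],    # the same station as seen after NAT
    "fw-customer": ["10.2.0.25",      # host on the customer's internal net
                    "198.51.100.1"],  # customer firewall, also the mail server
}

# Domains holding only the internal nets: NAT'd and gateway addresses are absent.
INTERNAL_ONLY = {
    "fw-local":    ["10.1.0.0/16"],
    "fw-customer": ["10.2.0.0/16"],
}

# Domains extended with the NAT'd address and the gateway itself.
COMPLETE = {
    "fw-local":    ["10.1.0.0/16", "192.0.2.10/32"],
    "fw-customer": ["10.2.0.0/16", "198.51.100.1/32"],
}

if __name__ == "__main__":
    for label, domains in (("internal only", INTERNAL_ONLY), ("complete", COMPLETE)):
        print(label, "->", audit(domains, MUST_ENCRYPT) or "all covered")
```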

