RE: [FW1] Secure Remote with IKE and Shared Secrets

Tue, 27 Jun 2000 13:57:45 -0700 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- From recent experience with this:

Do you have a ClientEncrypt rule and a rule that accepts IKE
connections, both logging long? If so there should be a log message
that tells you something of what is going on. In my case it was not
agreeing on an authentication type.

The IKE rule may be covered under Policy/Properties/Accept VPN-1 &
Firewall-1 Control connections if you have that checked. You should
also check log implied rules.

The user setup is also non-obvious if you want to use VPN-1
username/password.

Jim

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On 
> Behalf Of Tony
> Miedaner
> Sent: Wednesday, 28 June 2000 05:47
> To: [EMAIL PROTECTED]
> Subject: [FW1] Secure Remote with IKE and Shared Secrets
> 
> 
> 
> 
> *** PGP Signature Status: unknown
> *** Signer: Unknown, Key ID = 0x8E387B98
> *** Signed: 28/06/00 17:47:27
> *** Verified: 28/06/00 08:43:25
> *** BEGIN PGP VERIFIED MESSAGE ***
> 
> Hi,
> 
> I am trying to setup a Secure Remote client to a CP2K VPN/Firewall
> using IKE and Shared keys.
> 
> The topology seems to come down OK but I see the port 500 IKE
> negotiation from the client (packet from client to firewall IP) but
> the firewall will not respond with anything.
> 
> I log any and any but I don't even get a log entry indicating what
> the problem is.
>  
> 
> Any help would be appreciated.
> 
> Can anyone point me to a specific resource for this type of
> configuration? 
> 
> 
> *** END PGP VERIFIED MESSAGE ***
> 
> Tony Miedaner
> Network Security Engineer
> Network Engineering Unit
> Appliedtheory Inc.
> 315-453-2912 x5361
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOVhrctTl/xid+Ou9EQKF1wCgzFOgB5uNhlsoRenV4tVJPSMvdJIAn1Cm
OEIzzXhz9ZWQm4YhNLA8Q9D3
=vIwu
-----END PGP SIGNATURE-----


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to