I've seen this when one of the following is true.
1) You are not using 3des SR client for IKE.
2) You have defined password scheme other than pre-shared/certificates
3) MD5/sha-1 does not match on the fw.
Make sure you have 3des when you do a fw printlic -k, and also on the sr
side.
Thomas Poole
-----Original Message-----
From: Michael Louie [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 10, 2000 6:11 AM
To: [EMAIL PROTECTED]
Subject: [FW1] SecureRemote -FWZ works, IKE does not
Hi-
I am tryign to configure VPN. I am using Checkpoint firewall-1 version 4.0b
with SecureRemote version 4.1 build 4157. For some reason, FWZ encryption
scheme seems to work fine, but IKE fails with the error. "Negotiation with
Firewall at site x.x.x.x has failed. The user is not defined properly."
Can
someone please shed some light on this one?
ANy help would be deeply appreciated,
Mike
BTW....I see the following in the firewall log
3:02:29 reject firewall >daemon proto ip src xxxxxxxxxx dst firewall user
mike
rule 0 reason Client Encryption: The user is not defined properly.
3:02:29 keyinst firewall >daemon src firewall dst xxxxxxxxxx ISAKMP Log:
Sent
Notification: Client Encrypt Notification: <phase2 stage1> Negotiation
Id: d88678e2
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
