I am trying to establish a VPN between a 4.0 gateway and a 3.0 gateway. We are already established with SKIP on our other firewalls, but these remaining 3.0 gateways do not have SKIP licesnses installed, and Checkpoint will not issue new licenses for 3.0 So here is my delima: We are using no-routeable addressing over SKIP. From what I understand, FWZ only works with NAT, but IPSEC can use either. Since we use hides on both gateways, FWZ will not be a good choice (since we are trying to do network to network communication.) So I tried using IPSEC (which I again am assuming can be used with a 3.x encryption license on a 3.0 machine.) The 4.0 sends the encrypted packet out, but I never get a decrypt at the other end. I tried pinging a server. I matched up my SPI keys on both gateways and defined them in the rulebase. Can anyone help me with this? Oh am I just going to have to upgrade (not a good idea right now.) I have run out of ideas. Thanks, Dave __________________________________________________ Do You Yahoo!? Get Yahoo! Mail � Free email you can access from anywhere! http://mail.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
