RE: [FW1] FWI

Tranfield, Jonathan Tue, 15 Aug 2000 11:09:23 -0700

Craig,
All the routing etc is good because I have set up test networks either side
and I can see each www test box.
This is also working with NAT enabled.
According to the Checkpoint book when a FWZ policy is enabled the install
message should have FWZ in it.
In fact the install message is saying a standard poicy is being installed.
Thats why I am suspecting the NT boxes.
They are NT 4.0 with service pack 6a.
When I get the time I am going to go back to SP4 or 5 and see if this works.
Some people have alluded to having similar problems with this sp.
Thanks.

Jonathan.






-----Original Message-----
From: Little, Craig (SSI-SIAP-NP5) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 15, 2000 1:21 PM
To: 'Tranfield, Jonathan'
Subject: RE: [FW1] FWI


Jonathan,

It's hard to tell what is happening without knowing the configuration of the
boxes. Are you running encapsulated FWZ, are there routing issues, are the
encryption domains real ip addresses or private addresses. None of these are
unsurmountable, but each has its own effect on the encryption. One thing I
have found with my NT set-ups is that I need a static route on the firewall
to tell it what to do with the packets (even though there is a default route
- it doesn't make sense, but it works...)


Kind Regards,

Craig Little  BSc, CPD, CPI, SCJP, CCSA, CCSE
Inter-Networking / Security Consultant

Shell Services International

Phone:          +64 4 462 4661
Fax:            +64 4 463 4060
Mobile: +64 21 37 5858
mailto:[EMAIL PROTECTED]
http://www.shellservices.com



> -----Original Message-----
> From: Tranfield, Jonathan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 15 August 2000 6:26 a.m.
> To: [EMAIL PROTECTED]
> Subject: [FW1] FWI
> 
> 
> 
> I am trying to set up a FWZ vpn connection between  two offices.
> Both firewalls are running on NT.
> The key exchange etc works fine but no matter what I do I 
> cannot get the
> encryption to work.
> I am checking the log files but just getting black control 
> errors on the
> connection.
> I want to see blue right?
> What is odd is that when install policy it comes up as security policy
> installed not FWZ policy installed.
> I am wondering if it could be a problem with NT on the boxes 
> not letting the
> encryption be installed.
> Any help would be greatly appreciated.
> Thanks
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] FWI

Reply via email to
