Weimen-
You don't mention what version of CP you are using. If it is 4.0, make
sure the Cisco is set up to do host-to-host negotation, not subnet-to-subnet
(CP 4.1 can support subnet-to-subnet; Cisco can do either). Also verify
what the settings are under phase 2 (in the action/encrypt buttons). These
are the two biggest reasons for those errors.
Hope that helps.
thanx,
mn
-----Original Message-----
From: weimin li [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 06, 2000 2:28 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW1] SP2 client using UDP encapsulation
Hi, after I setup IKE VPN between fw1 to cisco ios, from the log server I
saw the following messages,
1.IKE LOG: phase 1(aggressive)completion, 3DES/MD5?pre shared Negotiation
ID:
2.IKE LOG: Received Notification from Peer: no proposal chosed Negotiation
id: ae4c28ac
Then encryption failure: error occured scheme:IKE
Does anyone know why the VPN is failured?
Thanks a lot for your help.
weimin
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
