[FW1] Hybrid Mode IKE + gateway VPN

Sun, 05 Nov 2000 18:57:45 -0800 


Hi again,

has anyone successfully got this going? 

What i find is that as soon as the "VPN-1 Firewall1 authentication for
SecuRemote [Hybrid Mode]" is selected the gateway to gateway VPN breaks.

Could confirm explain why this occurs.

thanks


>  -----Original Message-----
> From:         Paul Carmichael  
> Sent: Friday, 3 November 2000 5:18 PM
> To:   Fw-1-Mailinglist (E-mail)
> Subject:      Hybrid Mode IKE breaking the gateway VPN
> 
> Hi,
> 
> 
> I have a strange issue with the implementation of Hybrid Mode IKE.
> 
> 1/ First running 4.1 SP2 on the Nokia's with NT management server
> 2/ Gateway to gateway VPN using IKE with pre shared secrets.
> 3/ Using SecuRemote 4165 works ok.
> 
> 
> Next when things go wrong, is when the implementation of Hybrid mode so
users can use Radius Authentication.
> 1/ Firstly I have followed the IKE implementation document is on the
Checkpoint Web site.
> 2/ I create the internalca on the management server
> 3/ After creating the certifcates for each of the firewall objects the
existing gateway to gateway VPN stops working. 
> 
> What i can see happening is the gateways are trying to using the
certificates instead of the per shared keys, why is this happening and how
can i stop this? 
> 
> What i do not understanding is why implementating hybrid hode IKE
interfers with the gateway VPN ?
> 
> If any one could help you assistance would be greatly appreciated. I have
spoken to a number of people at Checkpoint and there "should" not be any
issues. 
> 
> 
> thanks
> 
> Paul Carmichael
> IT Security Engineer
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SecureNet  Ltd
> Level 3, 1 James Place,
> North Sydney,
> NSW 2000 AUSTRALIA
> 
> Ph: +61 2 9957 1000   Email: [EMAIL PROTECTED]
> Fx: +61 2 9957 1111   Web : http://www.securenet.com.au
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
> 


*************************************************************************************
This email message has been swept by MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
*************************************************************************************


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to