Hi, I eventually got the VPN working, but I had to modify the Firewall-1 cluster object ip address to be the same as the primary firewall in the cluster. No VPN failover, but it works.
Regards, Miles. -----Original Message----- From: Katsumi, Fred [mailto:[EMAIL PROTECTED]] Sent: 28 November 2001 17:45 To: [EMAIL PROTECTED] Subject: Re: [FW-1] VPN to watchguard SOHO What's the log say? Have you checked the encryption domain? > -----Original Message----- > From: Serge Vondandamo [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, November 28, 2001 12:01 PM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] VPN to watchguard SOHO > > > Hi, > > I don't know about Miles but, I can get work. > I can ping the External interface of the Firebox II from the > FW1 but not the > Internal one. > And the same thing on the other site. > > The problem I have is the Phase 1 also, I am using DES and > SHA 1 for but > side. > The IKE properties are DES + SHA 1 > The encryption rule is : > > 1. conncetion rule > > fw1 -> FboxII -> any -> Accept > FboxII ->fw1 -> any -> Accept > > 2.VPN rule > > fwboxII_net -> fw1_net -> any -> Encrypt -> Long - >fw1 > fw1_net -> fwboxII_net -any -> Encrypt -> Long - >fw1 > > The fw1 drops the packets all the time. > > Any idea ? > > Thanks, > > Serge > > -----Original Message----- > From: Ron Brown [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, November 28, 2001 4:26 PM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] VPN to watchguard SOHO > > > What kind of problems are you having ? > > I set up a FW-1 to WatchGuard SOHOtc a couple of days ago and > ran into a problem with phase-1 negotiations.. apparently the > WatchGuard > device needs to do the phase-1 stuff using DES and SHA1 only.. > > > > Ron Brown > Midrange Systems Specialist > Firewall / VPN Administrator > Maine Medical Center - Information Services > 420 Cumberland Avenue > Portland, Maine 04101 > > > >>> [EMAIL PROTECTED] 11/28/01 04:28AM >>> > Hi, > > Anybody got any experience on how to get a VPN working > between a Firewall-1 > Gateway Cluster and a WatchGuard SOHO. > > The SOHO is so thick it has problems. > > Regards, > > Miles. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: 25 November 2001 10:22 > To: [EMAIL PROTECTED] > Subject: [FW-1] NG FP1 > > > Hello FW-1-MAILINGLIST, > > Do you know when the FP1 will be available for download (on > solaris and win2k)? > > It is announced on the CP web site from some week, but it is > not possible to download it!!!!!!!!!! > > > -- > Best regards, > MaXsecurity > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== > > > ********************************************************************** > COLT Telecommunications > Registered in England No. 2452736 > Registered Office: Bishopsgate Court, 4 Norton Folgate, London E1 6DQ > Tel. 020 7390 3900 > > This message is subject to and does not create or vary any contractual > relationship between COLT Telecommunications, its subsidiaries or > affiliates ("COLT") and you. Internet communications are not secure > and therefore COLT does not accept legal responsibility for the > contents of this message. Any view or opinions expressed are those of > the author. The message is intended for the addressee only and its > contents and any attached files are strictly confidential. If you have > received it in error, please telephone the number above. Thank you. > > > ************************************************************** > ********** > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== > =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== ********************************************************************** COLT Telecommunications Registered in England No. 2452736 Registered Office: Bishopsgate Court, 4 Norton Folgate, London E1 6DQ Tel. 020 7390 3900 This message is subject to and does not create or vary any contractual relationship between COLT Telecommunications, its subsidiaries or affiliates ("COLT") and you. Internet communications are not secure and therefore COLT does not accept legal responsibility for the contents of this message. Any view or opinions expressed are those of the author. The message is intended for the addressee only and its contents and any attached files are strictly confidential. If you have received it in error, please telephone the number above. Thank you. ************************************************************************ =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================