[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] VPNightmare #2
Hello everyone, Hope somebody can enlightend me on this one... I have here the following scenario: Site A: Stonebeat FullCluster 1 build 1073, FW-1 4.1 SP2 STRONG running on 2 solaris 2.6 nodes Site B: FW-1 4.0 build 4094 (SP5) VPN on Solaris 2.6 VPN between A and B : Phase 1 is SHA1/DES/preshared, phase 2 MD5/DES-40CP/ESP ping from host w.x.y.z to host 10.2.0.1 from behind 4.0 to behind 4.1 the keys get negotiated ok - i get phase 1 completion and phase 2 completion key install msgs for hosts w.x.y.z and 10.2.0.1 the icmp gets encrypted outbound src w.x.y.z dst 10.2.0.1 the icmp gets decrypted inbound src w.x.y.z dst 10.2.0.1 the icmp reply gets encrypted src 10.2.0.1 dst w.x.y.z the icmp reply get REJECTED src10.2.0.1 dst w.x.y.z info: icmp-type 0 icmp-code 0 encryption failure: Cannot find peer scheme: ISAKMP hmmmmm.... any ideas?? TIA Ilya ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|