[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Hybrid Mode IKE + gateway VPN
Hi again, has anyone successfully got this going? What i find is that as soon as the "VPN-1 Firewall1 authentication for SecuRemote [Hybrid Mode]" is selected the gateway to gateway VPN breaks. Could confirm explain why this occurs. thanks > -----Original Message----- > From: Paul Carmichael > Sent: Friday, 3 November 2000 5:18 PM > To: Fw-1-Mailinglist (E-mail) > Subject: Hybrid Mode IKE breaking the gateway VPN > > Hi, > > > I have a strange issue with the implementation of Hybrid Mode IKE. > > 1/ First running 4.1 SP2 on the Nokia's with NT management server > 2/ Gateway to gateway VPN using IKE with pre shared secrets. > 3/ Using SecuRemote 4165 works ok. > > > Next when things go wrong, is when the implementation of Hybrid mode so users can use Radius Authentication. > 1/ Firstly I have followed the IKE implementation document is on the Checkpoint Web site. > 2/ I create the internalca on the management server > 3/ After creating the certifcates for each of the firewall objects the existing gateway to gateway VPN stops working. > > What i can see happening is the gateways are trying to using the certificates instead of the per shared keys, why is this happening and how can i stop this? > > What i do not understanding is why implementating hybrid hode IKE interfers with the gateway VPN ? > > If any one could help you assistance would be greatly appreciated. I have spoken to a number of people at Checkpoint and there "should" not be any issues. > > > thanks > > Paul Carmichael > IT Security Engineer > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SecureNet Ltd > Level 3, 1 James Place, > North Sydney, > NSW 2000 AUSTRALIA > > Ph: +61 2 9957 1000 Email: [email protected] > Fx: +61 2 9957 1111 Web : http://www.securenet.com.au > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ************************************************************************************* This email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ************************************************************************************* ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|