Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Hybrid Mode IKE + gateway VPN

To: "'Fw-1-Mailinglist (E-mail)'" <[email protected]>
Subject: [FW1] Hybrid Mode IKE + gateway VPN
From: Paul Carmichael <[email protected]>
Date: Mon, 6 Nov 2000 13:51:13 +1100
Sender: [email protected]

Hi again,

has anyone successfully got this going? 

What i find is that as soon as the "VPN-1 Firewall1 authentication for
SecuRemote [Hybrid Mode]" is selected the gateway to gateway VPN breaks.

Could confirm explain why this occurs.

thanks


>  -----Original Message-----
> From: 	Paul Carmichael  
> Sent:	Friday, 3 November 2000 5:18 PM
> To:	Fw-1-Mailinglist (E-mail)
> Subject:	Hybrid Mode IKE breaking the gateway VPN
> 
> Hi,
> 
> 
> I have a strange issue with the implementation of Hybrid Mode IKE.
> 
> 1/ First running 4.1 SP2 on the Nokia's with NT management server
> 2/ Gateway to gateway VPN using IKE with pre shared secrets.
> 3/ Using SecuRemote 4165 works ok.
> 
> 
> Next when things go wrong, is when the implementation of Hybrid mode so
users can use Radius Authentication.
> 1/ Firstly I have followed the IKE implementation document is on the
Checkpoint Web site.
> 2/ I create the internalca on the management server
> 3/ After creating the certifcates for each of the firewall objects the
existing gateway to gateway VPN stops working. 
> 
> What i can see happening is the gateways are trying to using the
certificates instead of the per shared keys, why is this happening and how
can i stop this? 
> 
> What i do not understanding is why implementating hybrid hode IKE
interfers with the gateway VPN ?
> 
> If any one could help you assistance would be greatly appreciated. I have
spoken to a number of people at Checkpoint and there "should" not be any
issues. 
> 
> 
> thanks
> 
> Paul Carmichael
> IT Security Engineer
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SecureNet  Ltd
> Level 3, 1 James Place,
> North Sydney,
> NSW 2000 AUSTRALIA
> 
> Ph: +61 2 9957 1000	Email: [email protected]
> Fx: +61 2 9957 1111	Web : http://www.securenet.com.au
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
> 


*************************************************************************************
This email message has been swept by MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
*************************************************************************************


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- [FW1] How does "route mapping" compare with VLAN in terms of separation
  - From: Bill Husler <[email protected]>

Prev by Date: RE: [FW1] PGP VPN Client.
Next by Date: RE: [FW1] SecuRemote license woes
Previous by thread: [FW1] Split / encrypted DNS extension
Next by thread: [FW1] How does "route mapping" compare with VLAN in terms of separation
Index(es):
- Date
- Thread