Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] UDP Encapsulation /2746

To: Tony Cottee <[email protected]>
Subject: Re: [FW1] UDP Encapsulation /2746
From: CryptoTech <[email protected]>
Date: Sat, 11 Nov 2000 08:25:03 -0500
Cc: [email protected]
References: <[email protected]>
Sender: [email protected]

Tony,
I've not yet tried to duplicate your config, but the initial connections should be
isakmp (udp500) at least at start.  The default is to have UDP encaps negotiated
unless you specify force_udp_encapsulation (true) in the userc.c file.

What you should see that follows is the ESP and AH if udp encaps is not working.

I have run this in a 4.1 sp1 to 4.1 sp2 scenario with 4.165 securemote.  I will try
4.0 shortly to see if I can get the same prob.

Check back later.
CryptoTech

Tony Cottee wrote:

> Thanks to all those guys thus far who have given input to me on this one.
> It's appreciated.
>
> I'm attempting SR build 4165 connections through a v4.0 to a remote v4.1 SP
> 2 firewall. I get topology however from this 4.1 box, but when I attempt to
> establish a telnet to a host behind my 4.1 firewall I get an error
> connecting to site. On the firewall logs on the v4.0, the telnet session
> appears as an ISAKMP connection - apparently this should actually be udp2746
> and at the remote firewall where I get topology, my snoops should see this
> traffic type. It's not.
>
> We do have strict ACL's in place, but I suspect that this is not the case as
> access from a dialup account is fine. Perhaps this is a local firewall
> issue? I've tried connections from a no. of different machines.
>
> I've followed Phoneboy, and the input from the newsgroups here. However,
> still no joy.
>
> I'm at a loose end here guys.
>
> Thanks, TC
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] UDP Encapsulation /2746
  - From: "Tony Cottee" <[email protected]>

Prev by Date: Re: [FW1] SP2 and CVP
Next by Date: Re: [FW1] FW-1 and Cisco IOS VPN. Is that possible ?
Previous by thread: [FW1] UDP Encapsulation /2746
Next by thread: [FW1] Max memory upgrade?
Index(es):
- Date
- Thread