| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] local interface address spoofing error between 4.1 SP2 & 4.0 SP5 VPN
Hi,
I seem to have a problem with a tunnel (DES-40CP) between a 4.1 SP2
box and 4.0 SP5 both on Solaris
There are no anti-spoofing controls in place currently on either side.
It works to one other Firewall running 4.0 SP1, but only after I added "
:resolve_multiple_interfaces (true)" to the objects.C on the 4.1 SP2 FW.
The 4.1 FW is sending encrypted data correctly to the 4.0 SP5 FW, but all
traffic from the 4.0 SP5 FW back to the 4.1 SP2 FW gets dropped by rule 0
with a "local interface address spoofing" error , just like I had on the
4.1 FW before adding ":resolve_multiple_interfaces (true)" to the firewall
object.
Now, the 4.0 SP5 FW has at least a dozen other vpn sites connected to it
and functioning correctly, so I'm not sure where the problem lies.
Anyone know if :resolve_multiple_interfaces (true) can be used on 4.0 also
?
Any ideas on what may be causing this problem ??
Mark
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
