[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] local interface address spoofing error between 4.1 SP2 & 4.0 SP5 VPN
Hi, I seem to have a problem with a tunnel (DES-40CP) between a 4.1 SP2 box and 4.0 SP5 both on Solaris There are no anti-spoofing controls in place currently on either side. It works to one other Firewall running 4.0 SP1, but only after I added " :resolve_multiple_interfaces (true)" to the objects.C on the 4.1 SP2 FW. The 4.1 FW is sending encrypted data correctly to the 4.0 SP5 FW, but all traffic from the 4.0 SP5 FW back to the 4.1 SP2 FW gets dropped by rule 0 with a "local interface address spoofing" error , just like I had on the 4.1 FW before adding ":resolve_multiple_interfaces (true)" to the firewall object. Now, the 4.0 SP5 FW has at least a dozen other vpn sites connected to it and functioning correctly, so I'm not sure where the problem lies. Anyone know if :resolve_multiple_interfaces (true) can be used on 4.0 also ? Any ideas on what may be causing this problem ?? Mark ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|