[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] IKE VPN between two FW1 Machines
I will keep this short and sweet in the hopes that it gets read and possibly even a response. I am trying to do a VPN between a FW1 4.0 Sp6 machine and a FW1 4.1 Sp2 machines. Here is what I have defined: Subnet A: 172.18.8.0 255.255.252.0 Subnet B: 172.18.4.0 255.255.252.0 Both Firewalls have the licensing installed on the External Interface. The encryptions domains for both firewalls are the local subnets (A for 1, B for 2) plus the external hosts I am doing NAT on, i.e. the webserver, the smtp server. Here are my 2 rules and the error messages I get. 1. Subnet A SubnetB Any Encrypt 2. SubnetB SubnetA Any Encrypt Nat Rules: 1. SubnetA SubnetB Any Original Original Original Nat Rules (for other machine): 2. SubnetB SubnetA Any Original Original Original The log error messages I get are as follows.... ISAKMP Log: Sent Notification: invalid id information <phase2 stage1>: peer may have sent an ID of type subnets, which is not supported in this version Negotiation Id: 2d30cfb5 Cheers, Jamie The information transmitted by the following E-Mail is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use, or taking any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately atext. 3600 and delete the communication from any computer or network system. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|