[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] SecuRemote and IKE w/ 4.1
I'm having some trouble getting SR to work with IKE under 4.1. Firewall/Mgmt station is FW-1 4.1 SP3 VPN+DES on Solaris. Secure Client: 4.1 SP3 Build 4174 VPN+DES I've created the CA server (which is the firewall itself) and gen'd a certificate, which does show up in the certificates tab of the firewall object. Under the VPN tab, IKE is enabled with DES and 3DES key exchanges and MD5 and SHA1 are both checked for data integrity. As is Hybrid Mode. Unauthenticated topology downloads is not checked in Properties-> Desktop Security. The SR user is set for Firewall-1 password authentication. The encryption properties are IKE with ESP transform, SHA1 data integrity and DES encryption. On the client, I've checked IKE for the encryption scheme. Now, when I fire up secure client, I can authenticate with the fw for topology downloads, but when setting up the tunnel I get "FWZ encryption is not defined for user" both on the client and in the firewall log. FWZ works fine however. I've dug through all the docs I could find, but couldn't find an answer. Anyone have any insight? Does IKE work without 3DES (vpn+des+strong) support on the fw (I only have vpn+des)? Thanx... ----- Kirk M. Vogelsang <[email protected]> Northeastern University College of Computer Science ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|