Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] [securemote] hybrid IKE mep and serveral sites connected through IKE

To: <[email protected]>
Subject: [FW1] [securemote] hybrid IKE mep and serveral sites connected through IKE
From: "Mike Thomi" <[email protected]>
Date: Sun, 11 Mar 2001 12:56:04 +0100
Sender: [email protected]

I remarked that when running an environment with multiple entrypoints for
securemote (hybrid mode flag set) and these entrypoints are connected
together with IKE, the VPN connections between the entrypoints won't work.

Example:

site A              ---- VPN(IKE) ----    site B
SR hybrid                                          SR hybrid
mode IKE                                         mode IKE

The VPN connection between site A and site B won't work (=> encryption
failure: error occured scheme: IKE)
But if I remove the SR hybrid mode flag on site B, the VPN connection
between site A/B works again)

But I need hybrid mode IKE for central SR user authentication....
My trick to solve this problem was to change the encryption type to SKIP
between the entrypoints.
Now I can use SR hybrid mode for every entrypoint and the VPN connection
between the sites still works

(tech info: fw1 4.1sp2 linux, sr4176 win)

Or is there another way to fix this situation?

regards,

mike




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] userc.C
Next by Date: Re: [FW1] userc.C
Previous by thread: [FW1] SecureRemote/SecureClient Version Checking
Next by thread: [FW1] [fw4.1sp2 linux]: after adding users and installing user db on fw modules they won't be recognized for authentication
Index(es):
- Date
- Thread