[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] [securemote] hybrid IKE mep and serveral sites connected through IKE
I remarked that when running an environment with multiple entrypoints for securemote (hybrid mode flag set) and these entrypoints are connected together with IKE, the VPN connections between the entrypoints won't work. Example: site A ---- VPN(IKE) ---- site B SR hybrid SR hybrid mode IKE mode IKE The VPN connection between site A and site B won't work (=> encryption failure: error occured scheme: IKE) But if I remove the SR hybrid mode flag on site B, the VPN connection between site A/B works again) But I need hybrid mode IKE for central SR user authentication.... My trick to solve this problem was to change the encryption type to SKIP between the entrypoints. Now I can use SR hybrid mode for every entrypoint and the VPN connection between the sites still works (tech info: fw1 4.1sp2 linux, sr4176 win) Or is there another way to fix this situation? regards, mike ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|