Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] problems with udp-encapsulation

To: [email protected]
Subject: [FW1] problems with udp-encapsulation
From: [email protected]
Date: Sat, 7 Apr 2001 19:09:35 +0200
Sender: [email protected]

Hello list,

      I am trying to set up UDP encapsulation for my securemote vpns.

      The client is a Securemote 4.1 SP3 build 4176 single-DES for w2k, it
      is behind a ADSL router.

      So I edited objects.C, and added de following to the definition of my
      management:

      :isakmp.udpencapsulation (
          :resource (
                :type (refobj)
                :refname ("#_VPN1_IPSEC_encapsulation")
          )
          :active (true)
      )

      The fw object is a fw-1 4.1 sp3 on a solaris 2.6 system. The service
      "VPN1_IPSEC_encapsulation" was already defined on udp/2746.

      Once I downloaded the topology from the client I started to see
      trafic on udp/2746 on the external interface of my fw, but the
      firewalls just ignores it.

      No entries in the log, no alerts, no nothing, except for the
      key-download and the ike-exchange, which are both succesfull.

      If I take a look to the LISTEN ports on the fw I can see udp/500 for
      IKE and udp/264 for fw_topo, but nobody is listening for udp/2746, is
      this normal?

      I am pretty sure the client is well configured, I have succesfully
      established a VPN with the Demo page at Checkpoint.com using
      udp-encapsulation.

      So, any ideas?
      did I forgot something?

      thanks in advance.

          Raúl

La información incluida en el presente correo electrónico es CONFIDENCIAL,
siendo para el uso exclusivo del destinatario arriba mencionado. Si usted
lee este mensaje y no es el destinatario señalado, el empleado o el agente
responsable de entregar el mensaje al destinatario, o ha recibido esta
comunicación por error, le informamos que está totalmente prohibida
cualquier divulgación, distribución o reproducción de esta comunicación, y
le rogamos que nos lo notifique, nos devuelva el mensaje original a la
dirección arriba mencionada y borre el mensaje.
Gracias.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] Unable to install rules to both FW
Next by Date: Re: [FW1] Comparisons: Platforms for FW1?
Previous by thread: [FW1] Question about SurfinGate 5.x from finjan
Next by thread: [FW1] Out-of-office replies
Index(es):
- Date
- Thread