[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] SunScreen SKIP and Firewall-1
I have SunScreen Firewall managed by a remote management station using SKIP between them. SunScreen SKIP is installed on the remote management station on one of the interfaces. However when I install a Firewall-1 module on the remote management station, SKIP nolonger works. Basically the Firewall-1 inspection module jumps in and is dropped by rule 0 logging "Decryption Failure: Source object not in database scheme". Because its dropped by rule 0 adding rules to the rule base to try and let this through have no effect. I had two thoughts: 1) Stop Firewall-1 being active on the interface with SKIP on - everything I've read suggests that Firewall cannot be selectively installed on interfaces. 2) Disable SUNScreen SKIP on the remote management station and get the SunScreen Firewall to exchange SKIP with Firewall-1 SKIP. However SKIP is set up using a manual key exchange rather than cert authorities. Is it possible to set Firewal-1 SKIP parameters in a config file somewhere rather than generating a new key in the GUI? Any ideas how I go about getting SunScreen SKIP to work to a Firewall-1?? -Steve ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|