NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Site says that it is not a CA




>When i try to create a new Site on the Client side i get the error message
>"Site megamos says that it is not a CA
>Check whether you have got the right IP-Adress for XXXXX
>and check with the FW-1 admin there wether ..xxx.xxx is
>indeed a FW-1 control station."

Guido,

You need to generate your RSA public/private key pair and DH keys.  To do
this, you need to enable FWZ in your firewall object's VPN tab.  

In the properties of FWZ, in the Key Manager tab generate our "exponent" and
"modulus" [(e,n) RSA Public Key].  Under the DH tab, generate your DH key.

This will allow for the session.

If you want to force authentication of topo downloads, make sure that you
have UNCHECKED "Respond to Unauthenticated Clear Topo requests" in the
Desktop Security tab of the Policy Properties dialogue box.

Good luck,


Amin Tora, CISSP
ePlus Technology
http://www.eplus.com
NASDAQ: PLUS





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.