[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] IP 51 and 50
You should have the two services you need... They called AH and ESP. If you don't have the you can define them as type 'other' and write it the match flied like that: for AH service type: ip_p = 0x33 for ESP services type: ip_p = 0x32 BTW, 'ip_p' is the inspect parameter for 'IP Protocol Number' (numbers are in hex format without the leading 0x). Bye, Aviv Bovete Internetworking & Security Consultant Xor technologies LTD [email protected] ----- Original Message ----- From: "Alonzo Vera" <[email protected]> To: "'[email protected]'" <[email protected]> Sent: Monday, July 02, 2001 4:09 PM Subject: [FW1] IP 51 and 50 | | Hi all!, | I need to set up a VPN using IPSec beetween two Cisco Routers. The problem | is that I have a Checkpoint firewall in the middle. How can I set up | Checkpoint to permit IP protocol 50 (SIPP-ESP) and IP protocol 51 (SIPP-AH). | I know that IPSec is supported by Firewall-1 to stablish VPN. But... how can | I make to let IPSec pass through Checkpoint. | Any idea? | Thanks, | Alnz. | | Ing. Alonzo Vera Rojas | Consultor Seguridad de la Información | Cosapi Soft S.A. | Av. Javier Prado Este 4491-Surco. Lima 33, Perú. | Teléfonos:anx 234; Fax:; | Nextel: 81.22612 | mailto:[email protected] | http://www.cosapisoft.com.pe | | The truth is out there... | | | | | ============================================================================ ==== | To unsubscribe from this mailing list, please see the instructions at | http://www.checkpoint.com/services/mailing.html | ============================================================================ ==== | ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|