NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Setting up VPN - Problems Tho!!

We Have SP2 on both sides.  However the firewalls are different versions!! One is UNIX running CPFW-1 4.0 and the other is NT machine running 4.1 SP-2

 

We have now built another machine running NT4 with CPFW-1 4.1 so that the cluster isn't involved anymore.  The VPN still doesn't work - we are using IKE now and when you look in the logs on both firewalls you get the error that says the encryption is not the correct type IKE/ISAKMP.  I think this may be related to the firewall version being different - so I am going to build another NT machine running the same vers as the existing NT system.

 

I'm still slightly lost, this looks like it should be easy so I'm sure that it is something simple like the version/platform difference.

 

Any pointers will be most appreciated.

 

Dave

 

 

-----Original Message-----
From: Aylton Souza, CISSP [mailto:[email protected]]
Sent: 27 July 2001 14:34
To: Dave Ninian
Subject: Re: [FW1] Setting up VPN - Problems Tho!!

 

Dave:

 

- what service packs do yo have on each side?

- have you ever tried to make the vpn without the cluster to see if it works?

 

best regards

 

 

----- Original Message -----

From: Dave Ninian

Sent: Thursday, July 26, 2001 5:33 AM

Subject: [FW1] Setting up VPN - Problems Tho!!

 

Hi All,

 

We are in the process of setting up a VPN using our firewalls and are having some problems, I hope someone can help.

 

We have a clustered environment using stonebeat and two Compaq DL360's.  The system runs checkpoint 4.1.  We are connecting to a UNIX machine running checkpoint firewall 4.0.  We have tried SKIP, FWZ and IKE but each time we cannot get the networks to communicate - is there anything special we have to do to a clustered firewall environment to get it to connect???

 

We have followed the instructions from the checkpoint website in the document "How to Create an ISAKMP VPN between two checkpoint firewalls.  In conjunction with this we have set up the no NAT rule needed for VPN. 

 

The point of the VPN is to allow two DC's to communicate but at the moment we just seem to be getting stuck at the same point.

 

Hope someone can help, it will most appreciated

 

Dave Ninian


  
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.