[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN-1 and FW-1
Ian, If you get the message "no license for encryption", I can think of two possible causes. First you don't have the license, second you are trying to use an encryption you are not licensed for. Just check again your license(s) to be sure, do the following commands : fw ver -k fw printlic -k PS: Have you also read another tread talking about encryption that stopped working, maybe you're in the same situation ? Met vriendelijke groeten - Bien à vous - Kind regards Guy ROELANDTS EMEA GS Internet Expertise Centre Compaq Software Engineer - Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 - 1) Fax: +32(02)729.77.65 -----Original Message----- From: Ian Alderman [mailto:[email protected]] Sent: Monday, July 30, 2001 4:27 PM To: 'Ashleigh Martin'; Ian Alderman Cc: Fw-1-Mailinglist (E-mail); [email protected] Subject: RE: [FW1] VPN-1 and FW-1 I have tried enabling the IPNAT pool, and indeed can see the translations occurring in the log but there is still no connectivity. After running a snoop on the interfaces it would appear that the traffic is being dropped as it is not coming out of the firewall onto the other interface. There is no mention in the log of the packet being dropped. However, on the console the message FW1: no licence for encryption, dropping packet occurs. Checking with our "support" people we appear to be fully licensed.... Any help would be greatly appreciated Ian -----Original Message----- From: Ashleigh Martin [mailto:[email protected]] Sent: 30 July 2001 00:53 To: Ian Alderman Cc: Fw-1-Mailinglist (E-mail); [email protected] Subject: Re: [FW1] VPN-1 and FW-1 make sure you have IPNAT pool enabled with a range of routable IP addresses for the SecuRemote users.Also make sure that these addresses have entries matched to the appropriate MAC address in the Local.arp file Ashleigh Martin Senior Systems Engineer Data#3 Group Pty Ltd Ph: +61 3 9864 2000 Fx: +61 3 9864 2099 mailto: [email protected] Web Site: http://www.data3.com.au Ian Alderman <[email protected]> Sent by: To: "Fw-1-Mailinglist (E-mail)" [email protected] <[email protected]> kpoint.com cc: Subject: [FW1] VPN-1 and FW-1 27/07/2001 08:23 PM We are having trouble with our new VPN setup, the long and the short of it is that we are unable to talk to our internal network. The Secu-Remote clients are able to connect to the firewall and the logs show the traffic coming in, however there are no logs showing any return traffic and seemingly no packets coming back. We have spent a lot of time working with our support provider who obviously haven't a clue what's wrong, I have started searching through the many mailing archives out there but no joy. There seems to be two possibilities 1) The firewall is not routing either the incoming or outgoing packets properly or 2) It is dropping packets silently. Has anyone else had any similar problems, or perhaps somebody has some useful suggestions? Thanks, Ian ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|