NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] VPN Cisco PIX and FW1 V4.0 would it work ?



If you'll upgrade to 4.1 you can do that.
Detailed description can be found on: 

http://www.cisco.com/warp/public/110/cp-p.html



Regards,

             Eugene

----------------------------------------------------------
Eugene Nesterenko, CCIE #5283, CCNP+Security, CCDP, CCSE, MCSE



-----Original Message-----
From: Paul T. Root [mailto:[email protected]] 
Sent: Wednesday, September 12, 2001 8:43 AM
To: [email protected]
Subject: [FW1] VPN Cisco PIX and FW1 V4.0 would it work ?


If I remember correctly, no it won't work. 

I tried extensively, and found that there are
incompatibilities in the phase 2 setup section that
made it not work most of the time.

I think I was able to get it to work if I started
a connection from behind the PIX, after it had been
up and quiet for a couple minutes.

Also, the PIX were kind of finicky. Reboot them after
it's configured.


Mazen Chehaiber <[email protected]> said:
> - ------_=_NextPart_001_01C137DE.A5D9DB30
> Content-Type: text/plain;charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> Hi all
>  
>             I am trying to set up a VPN (ISAKMP, DES, SHA1,) between a
Cisc=
> o
> PIX and my FW1 (4.0). I am having some trouble... all the instructions out
> there are for FW v4.1. Has anyone ever got the two to talk at 4.0? And how
=
> ?
> I have looked at http://www.cisco.com/warp/public/110/cp-p.html
> <http://www.cisco.com/warp/public/110/cp-p.html>   and used the same
settin=
> g
> except with ISAKMP instead of IKE but I keep getting
> - - ISAKMP Log received notification from Peer: no proposal chosen <phase2
> stage0> 
> - - encryption failure: error occurred scheme ISAKMP
>  
>  
>  
>  
>  
> Regards,
> ___________________________________
> Mazen Chehaiber, MCNE, MCSE, CCSA.
> SEM Solutions Inc.
>  
> __________________________________
> 
> =ABCe courriel est destin=E9 uniquement =E0 son destinataire et peut
conten=
> ir des
> informations confidentielles.  Sauf avis contraire, toute opinion ou
> commentaire est personnel au signataire et ne repr=E9sente pas la position
> officielle de l'entreprise.  Si vous avez re=E7u ce courriel par erreur,
> veuillez nous en aviser imm=E9diatement par courriel, supprimer le
courriel=
> 
> re=E7u de votre syst=E8me, ne pas le copier ou l'utiliser pour quelque
rais=
> on ni
> en divulguer le contenu =E0 quiconque.  Merci de votre collaboration.
> 
> 
> This e-mail is only intended for the person(s) to whom it is addressed and
> may contain confidential information. Unless stated to the contrary, any
> opinions or comments are personal to the writer and do not represent the
> official view of the company.  If ou have received this e-mail in error,
> please reply immediately by e-mail and then delete this message from your
> system.  Please do not copy it or use it for any purposes, or disclose its
> contents to any other person.  Thank you for your cooperation.=BB
> 
>  
> 
> - ------_=_NextPart_001_01C137DE.A5D9DB30
> Content-Type: text/html;charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> <html xmlns:o=3D"urn:schemas-microsoft-com:office:office"
xmlns:w=3D"urn:sc=
> hemas-microsoft-com:office:word"
xmlns=3D"http://www.w3.org/TR/REC-html40";>=
> 
> 
> <head>
> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html;
charset=3Diso-8859-=
> 1">
> 
> 
> <meta name=3DProgId content=3DWord.Document>
> <meta name=3DGenerator content=3D"Microsoft Word 10">
> <meta name=3DOriginator content=3D"Microsoft Word 10">
> <link rel=3DFile-List href=3D"cid:[email protected]";>
> <!--[if gte mso 9]><xml>
>  <o:OfficeDocumentSettings>
>   <o:DoNotRelyOnCSS/>
>  </o:OfficeDocumentSettings>
> </xml><![endif]--><!--[if gte mso 9]><xml>
>  <w:WordDocument>
>   <w:SpellingState>Clean</w:SpellingState>
>   <w:GrammarState>Clean</w:GrammarState>
>   <w:DocumentKind>DocumentEmail</w:DocumentKind>
>   <w:EnvelopeVis/>
>   <w:Compatibility>
>    <w:BreakWrappedTables/>
>    <w:SnapToGridInCell/>
>    <w:WrapTextWithPunct/>
>    <w:UseAsianBreakRules/>
>   </w:Compatibility>
>   <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
>  </w:WordDocument>
> </xml><![endif]-->
> <style>
> <!--
>  /* Style Definitions */
>  p.MsoNormal, li.MsoNormal, div.MsoNormal
> =09{mso-style-parent:"";
> =09margin:0in;
> =09margin-bottom:.0001pt;
> =09mso-pagination:widow-orphan;
> =09font-size:12.0pt;
> =09font-family:"Times New Roman";
> =09mso-fareast-font-family:"Times New Roman";}
> h1
> =09{mso-style-next:Normal;
> =09margin-top:12.0pt;
> =09margin-right:0in;
> =09margin-bottom:3.0pt;
> =09margin-left:0in;
> =09mso-pagination:widow-orphan;
> =09page-break-after:avoid;
> =09mso-outline-level:1;
> =09font-size:16.0pt;
> =09font-family:Arial;
> =09mso-font-kerning:16.0pt;}
> a:link, span.MsoHyperlink
> =09{color:blue;
> =09text-decoration:underline;
> =09text-underline:single;}
> a:visited, span.MsoHyperlinkFollowed
> =09{color:purple;
> =09text-decoration:underline;
> =09text-underline:single;}
> p.MsoAutoSig, li.MsoAutoSig, div.MsoAutoSig
> =09{margin:0in;
> =09margin-bottom:.0001pt;
> =09mso-pagination:widow-orphan;
> =09font-size:12.0pt;
> =09font-family:"Times New Roman";
> =09mso-fareast-font-family:"Times New Roman";}
> span.EmailStyle17
> =09{mso-style-type:personal-compose;
> =09mso-style-noshow:yes;
> =09mso-ansi-font-size:10.0pt;
> =09mso-bidi-font-size:10.0pt;
> =09font-family:Arial;
> =09mso-ascii-font-family:Arial;
> =09mso-hansi-font-family:Arial;
> =09mso-bidi-font-family:Arial;
> =09color:windowtext;}
> span.GramE
> =09{mso-style-name:"";
> =09mso-gram-e:yes;}
> @page Section1
> =09{size:8.5in 11.0in;
> =09margin:1.0in 1.25in 1.0in 1.25in;
> =09mso-header-margin:.5in;
> =09mso-footer-margin:.5in;
> =09mso-paper-source:0;}
> div.Section1
> =09{page:Section1;}
> - -->
> </style>
> <!--[if gte mso 10]>
> <style>
>  /* Style Definitions */ 
>  table.MsoNormalTable
> =09{mso-style-name:"Table Normal";
> =09mso-tstyle-rowband-size:0;
> =09mso-tstyle-colband-size:0;
> =09mso-style-noshow:yes;
> =09mso-style-parent:"";
> =09mso-padding-alt:0in 5.4pt 0in 5.4pt;
> =09mso-para-margin:0in;
> =09mso-para-margin-bottom:.0001pt;
> =09mso-pagination:widow-orphan;
> =09font-size:10.0pt;
> =09font-family:"Times New Roman";}
> </style>
> <![endif]-->
> </head>
> 
> <body lang=3DEN-US link=3Dblue vlink=3Dpurple style=3D'tab-interval:.5in'>
> 
> <div class=3DSection1>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'>Hi all<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'><span
style=3D'mso-tab-count:1'>=A0=A0=A0=A0=A0=A0=A0=A0=
> =A0=A0=A0 </span>I am trying
> to set up a VPN (ISAKMP, DES, SHA1,) between a Cisco PIX and my FW1 (4.0).
=
> I am
> having some trouble... all the instructions out there are for FW v4.1. Has
> anyone ever got the two to talk at 4.0? And <span class=3DGramE>how
?</span=
> ><o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'>I have looked at <a
>
href=3D"http://www.cisco.com/warp/public/110/cp-p.html";>http://www.cisco..c=
> om/warp/public/110/cp-p.html</a><span
> style=3D'mso-spacerun:yes'>=A0 </span>and used the same setting except
with=
>  ISAKMP
> instead of IKE but I keep getting<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'>- ISAKMP Log received notification from Peer: no
proposa=
> l
> chosen &lt;phase2 stage0&gt; <o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'>- <span class=3DGramE>encryption</span> failure: error
> occurred scheme ISAKMP<o:p></o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoNormal><font size=3D2 face=3DArial><span
style=3D'font-size:1=
> 0.0pt;
> font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span
style=3D=
> 'font-size:
> 12.0pt;mso-no-proof:yes'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span
style=3D=
> 'font-size:
> 12.0pt;mso-no-proof:yes'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span
style=3D=
> 'font-size:
> 12.0pt;mso-no-proof:yes'><o:p>&nbsp;</o:p></span></font></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><b><font
> size=3D1 color=3Dblack face=3DArial><span
style=3D'font-size:9.0pt;font-fam=
> ily:Arial;
>
color:black;font-weight:bold;mso-no-proof:yes'>Regards,<o:p></o:p></span></=
> font></b></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><font
> size=3D1 color=3Dblack face=3DArial><span
style=3D'font-size:9.0pt;font-fam=
> ily:Arial;
>
color:black;mso-no-proof:yes'>___________________________________<o:p></o:p=
> ></span></font></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><b><font
> size=3D3 color=3Dblack face=3D"Times New Roman"><span
style=3D'font-size:12=
> .0pt;
> color:black;font-weight:bold;mso-no-proof:yes'>Mazen Chehaiber, MCNE,
MCSE,=
> 
> CCSA.<o:p></o:p></span></font></b></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><b><font
> size=3D3 color=3Dblack face=3D"Times New Roman"><span
style=3D'font-size:12=
> .0pt;
> color:black;font-weight:bold;mso-no-proof:yes'>SEM Solutions
Inc.<o:p></o:p=
> ></span></font></b></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><b><font
> size=3D2 color=3Dblack face=3D"Times New Roman"><span
style=3D'font-size:11=
> .0pt;
>
color:black;font-weight:bold;mso-no-proof:yes'><o:p>&nbsp;</o:p></span></fo=
> nt></b></p>
> 
> <p class=3DMsoNormal
style=3D'mso-layout-grid-align:none;text-autospace:non=
> e'><font
> size=3D1 color=3Dblack face=3DArial><span lang=3DFR
style=3D'font-size:9.0p=
> t;font-family:
>
Arial;color:black;mso-ansi-language:FR;mso-no-proof:yes'>__________________=
> ________________<o:p></o:p></span></font></p>
> 
> <h1><b><i style=3D'mso-bidi-font-style:normal'><font size=3D2
face=3D"Times=
>  New Roman"><span
> lang=3DFR style=3D'font-size:10.0pt;font-family:"Times New
Roman";mso-font-=
> kerning:
> 0pt;mso-ansi-language:FR;font-style:italic;mso-bidi-font-style:normal;
> mso-no-proof:yes'>=ABCe courriel est destin=E9 uniquement =E0 son
destinata=
> ire et
> peut contenir des informations confidentielles.<span
style=3D'mso-spacerun:=
> yes'>=A0
> </span>Sauf avis contraire, toute opinion ou commentaire est personnel au
> signataire et ne repr=E9sente pas la position officielle de
> l'entreprise.<span style=3D'mso-spacerun:yes'>=A0 </span>Si vous avez
re=E7=
> u ce
> courriel par erreur, veuillez nous en aviser imm=E9diatement par courriel,
> supprimer le courriel re=E7u de votre syst=E8me, ne pas le copier ou
> l'utiliser pour quelque raison ni en divulguer le contenu =E0
> quiconque.<span style=3D'mso-spacerun:yes'>=A0
</span></span></font></i></b=
> ><i
> style=3D'mso-bidi-font-style:normal'><font size=3D2 face=3D"Times New
Roman=
> "><span
> style=3D'font-size:10.0pt;font-family:"Times New
Roman";mso-font-kerning:0p=
> t;
> font-style:italic;mso-bidi-font-style:normal;mso-no-proof:yes'>Merci de
vot=
> re
> collaboration.<o:p></o:p></span></font></i></h1>
> 
> <h1><b><i style=3D'mso-bidi-font-style:normal'><font size=3D2
face=3D"Times=
>  New Roman"><span
> style=3D'font-size:10.0pt;font-family:"Times New
Roman";mso-font-kerning:0p=
> t;
> font-style:italic;mso-bidi-font-style:normal;mso-no-proof:yes'>This e-mail
=
> is
> only intended for the person(s) to whom it is addressed and may contain
> confidential information. Unless stated to the contrary, any opinions or
> comments are personal to the writer and do not represent the official view
=
> of
> the company.<span style=3D'mso-spacerun:yes'>=A0 </span>If ou have
received=
>  this
> e-mail in error, please reply immediately by e-mail and then delete this
> message from your system.<span style=3D'mso-spacerun:yes'>=A0
</span>Please=
>  do not
> copy it or use it for any purposes, or disclose its contents to any other
> person.<span style=3D'mso-spacerun:yes'>=A0 </span>Thank you for your
coope=
> ration.=BB<o:p></o:p></span></font></i></b></h1>
> 
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span
style=3D=
> 'font-size:
> 12.0pt'><o:p>&nbsp;</o:p></span></font></p>
> 
> </div>
> 
> </body>
> 
> </html>
> 
> - ------_=_NextPart_001_01C137DE.A5D9DB30--
> 
> 
> 
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
> 

-- 
Steve Spurrier, Florida football coach, telling Gator fans that a
fire at Auburn's football dorm had destroyed 20 books:
"But the real tragedy was that 15 hadn't been colored yet." (1991)


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.