[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN Cisco PIX and FW1 V4.0 would it work ?
If you'll upgrade to 4.1 you can do that. Detailed description can be found on: http://www.cisco.com/warp/public/110/cp-p.html Regards, Eugene ---------------------------------------------------------- Eugene Nesterenko, CCIE #5283, CCNP+Security, CCDP, CCSE, MCSE -----Original Message----- From: Paul T. Root [mailto:[email protected]] Sent: Wednesday, September 12, 2001 8:43 AM To: [email protected] Subject: [FW1] VPN Cisco PIX and FW1 V4.0 would it work ? If I remember correctly, no it won't work. I tried extensively, and found that there are incompatibilities in the phase 2 setup section that made it not work most of the time. I think I was able to get it to work if I started a connection from behind the PIX, after it had been up and quiet for a couple minutes. Also, the PIX were kind of finicky. Reboot them after it's configured. Mazen Chehaiber <[email protected]> said: > - ------_=_NextPart_001_01C137DE.A5D9DB30 > Content-Type: text/plain;charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > Hi all > > I am trying to set up a VPN (ISAKMP, DES, SHA1,) between a Cisc= > o > PIX and my FW1 (4.0). I am having some trouble... all the instructions out > there are for FW v4.1. Has anyone ever got the two to talk at 4.0? And how = > ? > I have looked at http://www.cisco.com/warp/public/110/cp-p.html > <http://www.cisco.com/warp/public/110/cp-p.html> and used the same settin= > g > except with ISAKMP instead of IKE but I keep getting > - - ISAKMP Log received notification from Peer: no proposal chosen <phase2 > stage0> > - - encryption failure: error occurred scheme ISAKMP > > > > > > Regards, > ___________________________________ > Mazen Chehaiber, MCNE, MCSE, CCSA. > SEM Solutions Inc. > > __________________________________ > > =ABCe courriel est destin=E9 uniquement =E0 son destinataire et peut conten= > ir des > informations confidentielles. Sauf avis contraire, toute opinion ou > commentaire est personnel au signataire et ne repr=E9sente pas la position > officielle de l'entreprise. Si vous avez re=E7u ce courriel par erreur, > veuillez nous en aviser imm=E9diatement par courriel, supprimer le courriel= > > re=E7u de votre syst=E8me, ne pas le copier ou l'utiliser pour quelque rais= > on ni > en divulguer le contenu =E0 quiconque. Merci de votre collaboration. > > > This e-mail is only intended for the person(s) to whom it is addressed and > may contain confidential information. Unless stated to the contrary, any > opinions or comments are personal to the writer and do not represent the > official view of the company. If ou have received this e-mail in error, > please reply immediately by e-mail and then delete this message from your > system. Please do not copy it or use it for any purposes, or disclose its > contents to any other person. Thank you for your cooperation.=BB > > > > - ------_=_NextPart_001_01C137DE.A5D9DB30 > Content-Type: text/html;charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > <html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc= > hemas-microsoft-com:office:word" xmlns=3D"http://www.w3.org/TR/REC-html40">= > > > <head> > <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; charset=3Diso-8859-= > 1"> > > > <meta name=3DProgId content=3DWord.Document> > <meta name=3DGenerator content=3D"Microsoft Word 10"> > <meta name=3DOriginator content=3D"Microsoft Word 10"> > <link rel=3DFile-List href=3D"cid:[email protected]"> > <!--[if gte mso 9]><xml> > <o:OfficeDocumentSettings> > <o:DoNotRelyOnCSS/> > </o:OfficeDocumentSettings> > </xml><![endif]--><!--[if gte mso 9]><xml> > <w:WordDocument> > <w:SpellingState>Clean</w:SpellingState> > <w:GrammarState>Clean</w:GrammarState> > <w:DocumentKind>DocumentEmail</w:DocumentKind> > <w:EnvelopeVis/> > <w:Compatibility> > <w:BreakWrappedTables/> > <w:SnapToGridInCell/> > <w:WrapTextWithPunct/> > <w:UseAsianBreakRules/> > </w:Compatibility> > <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel> > </w:WordDocument> > </xml><![endif]--> > <style> > <!-- > /* Style Definitions */ > p.MsoNormal, li.MsoNormal, div.MsoNormal > =09{mso-style-parent:""; > =09margin:0in; > =09margin-bottom:.0001pt; > =09mso-pagination:widow-orphan; > =09font-size:12.0pt; > =09font-family:"Times New Roman"; > =09mso-fareast-font-family:"Times New Roman";} > h1 > =09{mso-style-next:Normal; > =09margin-top:12.0pt; > =09margin-right:0in; > =09margin-bottom:3.0pt; > =09margin-left:0in; > =09mso-pagination:widow-orphan; > =09page-break-after:avoid; > =09mso-outline-level:1; > =09font-size:16.0pt; > =09font-family:Arial; > =09mso-font-kerning:16.0pt;} > a:link, span.MsoHyperlink > =09{color:blue; > =09text-decoration:underline; > =09text-underline:single;} > a:visited, span.MsoHyperlinkFollowed > =09{color:purple; > =09text-decoration:underline; > =09text-underline:single;} > p.MsoAutoSig, li.MsoAutoSig, div.MsoAutoSig > =09{margin:0in; > =09margin-bottom:.0001pt; > =09mso-pagination:widow-orphan; > =09font-size:12.0pt; > =09font-family:"Times New Roman"; > =09mso-fareast-font-family:"Times New Roman";} > span.EmailStyle17 > =09{mso-style-type:personal-compose; > =09mso-style-noshow:yes; > =09mso-ansi-font-size:10.0pt; > =09mso-bidi-font-size:10.0pt; > =09font-family:Arial; > =09mso-ascii-font-family:Arial; > =09mso-hansi-font-family:Arial; > =09mso-bidi-font-family:Arial; > =09color:windowtext;} > span.GramE > =09{mso-style-name:""; > =09mso-gram-e:yes;} > @page Section1 > =09{size:8.5in 11.0in; > =09margin:1.0in 1.25in 1.0in 1.25in; > =09mso-header-margin:.5in; > =09mso-footer-margin:.5in; > =09mso-paper-source:0;} > div.Section1 > =09{page:Section1;} > - --> > </style> > <!--[if gte mso 10]> > <style> > /* Style Definitions */ > table.MsoNormalTable > =09{mso-style-name:"Table Normal"; > =09mso-tstyle-rowband-size:0; > =09mso-tstyle-colband-size:0; > =09mso-style-noshow:yes; > =09mso-style-parent:""; > =09mso-padding-alt:0in 5.4pt 0in 5.4pt; > =09mso-para-margin:0in; > =09mso-para-margin-bottom:.0001pt; > =09mso-pagination:widow-orphan; > =09font-size:10.0pt; > =09font-family:"Times New Roman";} > </style> > <![endif]--> > </head> > > <body lang=3DEN-US link=3Dblue vlink=3Dpurple style=3D'tab-interval:.5in'> > > <div class=3DSection1> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'>Hi all<o:p></o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'><o:p> </o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'><span style=3D'mso-tab-count:1'>=A0=A0=A0=A0=A0=A0=A0=A0= > =A0=A0=A0 </span>I am trying > to set up a VPN (ISAKMP, DES, SHA1,) between a Cisco PIX and my FW1 (4.0). = > I am > having some trouble... all the instructions out there are for FW v4.1. Has > anyone ever got the two to talk at 4.0? And <span class=3DGramE>how ?</span= > ><o:p></o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'>I have looked at <a > href=3D"http://www.cisco.com/warp/public/110/cp-p.html">http://www.cisco..c= > om/warp/public/110/cp-p.html</a><span > style=3D'mso-spacerun:yes'>=A0 </span>and used the same setting except with= > ISAKMP > instead of IKE but I keep getting<o:p></o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'>- ISAKMP Log received notification from Peer: no proposa= > l > chosen <phase2 stage0> <o:p></o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'>- <span class=3DGramE>encryption</span> failure: error > occurred scheme ISAKMP<o:p></o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'><o:p> </o:p></span></font></p> > > <p class=3DMsoNormal><font size=3D2 face=3DArial><span style=3D'font-size:1= > 0.0pt; > font-family:Arial'><o:p> </o:p></span></font></p> > > <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span style=3D= > 'font-size: > 12.0pt;mso-no-proof:yes'><o:p> </o:p></span></font></p> > > <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span style=3D= > 'font-size: > 12.0pt;mso-no-proof:yes'><o:p> </o:p></span></font></p> > > <p class=3DMsoAutoSig><font size=3D3 face=3D"Times New Roman"><span style=3D= > 'font-size: > 12.0pt;mso-no-proof:yes'><o:p> </o:p></span></font></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><b><font > size=3D1 color=3Dblack face=3DArial><span style=3D'font-size:9.0pt;font-fam= > ily:Arial; > color:black;font-weight:bold;mso-no-proof:yes'>Regards,<o:p></o:p></span></= > font></b></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><font > size=3D1 color=3Dblack face=3DArial><span style=3D'font-size:9.0pt;font-fam= > ily:Arial; > color:black;mso-no-proof:yes'>___________________________________<o:p></o:p= > ></span></font></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><b><font > size=3D3 color=3Dblack face=3D"Times New Roman"><span style=3D'font-size:12= > .0pt; > color:black;font-weight:bold;mso-no-proof:yes'>Mazen Chehaiber, MCNE, MCSE,= > > CCSA.<o:p></o:p></span></font></b></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><b><font > size=3D3 color=3Dblack face=3D"Times New Roman"><span style=3D'font-size:12= > .0pt; > color:black;font-weight:bold;mso-no-proof:yes'>SEM Solutions Inc.<o:p></o:p= > ></span></font></b></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><b><font > size=3D2 color=3Dblack face=3D"Times New Roman"><span style=3D'font-size:11= > .0pt; > color:black;font-weight:bold;mso-no-proof:yes'><o:p> </o:p></span></fo= > nt></b></p> > > <p class=3DMsoNormal style=3D'mso-layout-grid-align:none;text-autospace:non= > e'><font > size=3D1 color=3Dblack face=3DArial><span lang=3DFR style=3D'font-size:9.0p= > t;font-family: > Arial;color:black;mso-ansi-language:FR;mso-no-proof:yes'>__________________= > ________________<o:p></o:p></span></font></p> > > <h1><b><i style=3D'mso-bidi-font-style:normal'><font size=3D2 face=3D"Times= > New Roman"><span > lang=3DFR style=3D'font-size:10.0pt;font-family:"Times New Roman";mso-font-= > kerning: > 0pt;mso-ansi-language:FR;font-style:italic;mso-bidi-font-style:normal; > mso-no-proof:yes'>=ABCe courriel est destin=E9 uniquement =E0 son destinata= > ire et > peut contenir des informations confidentielles.<span style=3D'mso-spacerun:= > yes'>=A0 > </span>Sauf avis contraire, toute opinion ou commentaire est personnel au > signataire et ne repr=E9sente pas la position officielle de > l'entreprise.<span style=3D'mso-spacerun:yes'>=A0 </span>Si vous avez re=E7= > u ce > courriel par erreur, veuillez nous en aviser imm=E9diatement par courriel, > supprimer le courriel re=E7u de votre syst=E8me, ne pas le copier ou > l'utiliser pour quelque raison ni en divulguer le contenu =E0 > quiconque.<span style=3D'mso-spacerun:yes'>=A0 </span></span></font></i></b= > ><i > style=3D'mso-bidi-font-style:normal'><font size=3D2 face=3D"Times New Roman= > "><span > style=3D'font-size:10.0pt;font-family:"Times New Roman";mso-font-kerning:0p= > t; > font-style:italic;mso-bidi-font-style:normal;mso-no-proof:yes'>Merci de vot= > re > collaboration.<o:p></o:p></span></font></i></h1> > > <h1><b><i style=3D'mso-bidi-font-style:normal'><font size=3D2 face=3D"Times= > New Roman"><span > style=3D'font-size:10.0pt;font-family:"Times New Roman";mso-font-kerning:0p= > t; > font-style:italic;mso-bidi-font-style:normal;mso-no-proof:yes'>This e-mail = > is > only intended for the person(s) to whom it is addressed and may contain > confidential information. Unless stated to the contrary, any opinions or > comments are personal to the writer and do not represent the official view = > of > the company.<span style=3D'mso-spacerun:yes'>=A0 </span>If ou have received= > this > e-mail in error, please reply immediately by e-mail and then delete this > message from your system.<span style=3D'mso-spacerun:yes'>=A0 </span>Please= > do not > copy it or use it for any purposes, or disclose its contents to any other > person.<span style=3D'mso-spacerun:yes'>=A0 </span>Thank you for your coope= > ration.=BB<o:p></o:p></span></font></i></b></h1> > > <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D= > 'font-size: > 12.0pt'><o:p> </o:p></span></font></p> > > </div> > > </body> > > </html> > > - ------_=_NextPart_001_01C137DE.A5D9DB30-- > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > -- Steve Spurrier, Florida football coach, telling Gator fans that a fire at Auburn's football dorm had destroyed 20 books: "But the real tragedy was that 15 hadn't been colored yet." (1991) ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|