[FW-1] Problem setting up securemote connection to FW-1 SP3 (encrypt ion failure: No peer gateway found for the destination scheme:

[Alan Choyna <achoyna@FW1-NOSPAMPATHFINDERASSOC.COM>]

Hi folks,

I'm trying to set up my FW-1 4.1 SP3 to be able to allow securemote
(build 4188) access from external machines.

The external PC's are each sitting behind a linksys router (firmware
1.40.1) using either DSL or Cable internet connections, using non static
external ip addresses.

I installed the encryption license (DES3), and have configured a user
(smith) with the user Authentication scheme VPN-1 & Firewall 1 Password,
with Encryption options IKE & FWZ checked.

I have created the following rules:

any     Smiths_machine_behind_FW1      PCanywhere      encrypt.

We are using securemote (build 4188) and have checked the IKE option
under tools/Encryption, and Force UPD encapsulation and Support IKE over
TCP under its advanced settings.

When smith trys to connect from his external PC, the following rejects
appear in the Log "encryption failure: No peer gateway found for the
destination scheme: IKE."

Is the error because l do not have a domain object as the source? If so,
how would l set up a domain object which doesn't have an static ip?

What encrytion/logon/securemote services should l allow?

We wish to use DES3. Have l set the correct options on the user object?
and the securemote client options?

Anything special to do in the Policy properties?

Sorry for all the questions, but there are so many variables here, that
l find myself lost.

Regards,

Alan.

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================