NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Réf. : Re: [FW-1] "Using an inappropriate Policy" Error



Hi

Have a look in the desktop security tab of your policy/properties.
In the lower part of the screen, you will notice that you enforced a
control for client that were "mistakenly" (?) installed with "desktop
security"
As you did not defined any policy server, the client can not retrieve its
policy. I guess that in your rulebase client encrypt has the "enforce only
if policy verified" flag set.
It is just a very simple guess. Your situation might very well be more
complicated.

Regards

Ivan





"Thompson, Jeff" <[email protected]>
Envoyé par : Mailing list for discussion of Firewall-1
<[email protected]>
27/12/2001 16:54
Veuillez répondre à Mailing list for discussion of Firewall-1


        Pour :  [email protected]
        cc :
        Objet : Re: [FW-1] "Using an inappropriate Policy" Error

I just set up VPN with IKE and am able to exchange keys ok, but then it
says

"User Successfully authenticated by VPN-1.  You are using an inappropriate
policy.  Load a new policy from your Policy Server."


The only VPN rule I have is:

All Users@Any, Firewall, Any, Client Encrypt, ...


Ok, here is our topology

Internet----Router----(66.x.x.x)FW-1(192.168.100.1
NAT)----Servers----Workstations(206.247.71.x)

FW-1 is 4.1 SP5
SecuRemote NG on W2K and SecuRemote 4188 on NT.
SecureClient 4.1 SP-5 DES build 4199

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.