[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SecuRemote through NAT device???
> I was curious - why is IKE better? For some reason we can only use FWZ.... > on the client machines, we get an error stating that we cannot use IKE... Because IKE is used with 3DES encryption and is much stronger than FWZ encryption. The newer versions of Firewall-1 also support IKE in hybrid mode which makes it very flexible in terms of authentication. IKE also supports UDP encapsulation and works from behind hide mode NAT devices which FWZ does not support. You are getting an error on the user side with IKE probably because you do not have IKE enabled on the firewall, or because you have not defined an internal CA or for a myriad of other possible reasons. -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|