[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Problem with enabling UDP Encryption for SecuRemote
At 11:58 AM 1/24/2002, Shawn Kearley wrote: I am attempting to configure UDP encapsulation for SecuRemote... Hi Shawn, Something similar happened to one of my customers recently. It's my opinion that "local interface address spoofing" is erroneously listed. Call it instead a symptom that the encryption service is not communicating well with the firewall service. This is probably a configuration error. Check to make sure that the SecuRemote rule specifies the destination, not just "Any". In your edited objects.C file, make sure that the :active (true) tag was added inside the parenthesis for the :isakmp.udpencapsulation section. The Phoneboy FAQ isn't 100% clear on this. If worst comes to worst, CheckPoint support is pretty good at walking you through a clean set up for SecuRemote. You might also want to consider upgrading to a more recent FW-1 service pack, although I doubt it will solve this particular problem. Regards, -Jim MacLeod At 11:58 AM 1/24/2002, you wrote: I am attempting to configure UDP encapsulation for SecuRemote as specified in the PhoneBoy FAQ, to try and get a vendor VPN connection working from within their network and am experiencing a problem that I hope someone here can help with. Jim MacLeod Independant FireWall-1 and network security consultant [email protected] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|