Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Manual IPSEC problems

To: [email protected]
Subject: [FW-1] Manual IPSEC problems
From: Niclas Sodergard <[email protected]>
Date: Tue, 19 Feb 2002 11:37:09 +0100
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi everybody,

I am trying to setup an manual IPSEC connection between a FW-1 4.1 and
an OpenBSD machine. I generated a SPI-key and added a rule like this

obsdmachine     targetmachine           ssh/icmp-reply&request  encrypt
targetmachine   obsdmachine             ssh/icmp-reply&request  encrypt

I set the encrypt to manual ipsec and selected the spi I created. Then I
configured the obsd machine with the same information and setup flows
between the machines.

The thing is a get a deny in the fw1 log from rule 0 and the error
message is "decryption failure: Encryption failure: check definition of
SPI 0xXXX scheme: MANUAL".

Any ideas what is going on here?

Best regards,
Nickus

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: [FW-1] syn timeout - PIX firewall
Next by Date: [FW-1] Enabling Multicast trafic on FW-1
Previous by thread: Re: [FW-1] It is posible migrate from CP4.1 to NG ??
Next by thread: [FW-1] Enabling Multicast trafic on FW-1
Index(es):
- Date
- Thread