[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] VPN <-> Netscreen - 2 questions
We're trying to set up a vpn between our firewall-1 4.1 and a netscreen server. The first question I have is about the setup of the local vpn workstation object. When it is defined, it is actually a duplicate of the existing gateway object (except for the gateway/vpn details). Since it defines the gateway itself, the Policy Editor returns a warning that an object already exists. Should we proceed with the independent object, or should we just enter the vpn config into the existing default firewall object? We tried both. When we created a duplicate firewall object, the firewall stopped passing packets. When we updated the existing object, the firewall was ok, but errors appear in the eventlog; application errors are " ISAKMP AddNegotiation: try to handle too many negotiations", which appears about every 20 seconds , and "WARNING: Empty Encryption Domain..", which appears once. The system errors are "error 0xc0000005" and "copyin: failure copying 56 bytes from 0xf1dcf6b8". I've been searching for clues for some time now with no luck. Any help, tips, references, appreciated. Thanks for taking the time to read this. ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|