NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1]



Title: Message
I had problems getting it to work, and after many talks with Checkpoint and Nortel, I have not yet been successful.  Checkpoint says it has something to do with how IKE is handled in the Nortel boxes and that they did not follow the standards.  I don't know what the real reason is. I was able to initiate a vpn connection from the checkpoint side, but not the nortel side.  The vpn would fail when a key negotiation was taking place if the Nortel initiated the vpn tunnel.
 
I have been able to create vpn tunnels with other products to the Checkpoint firewall, such as cisco without any trouble.
 
I had tried on two occasions for different customers with no luck.  If you get it to work, let us all know how you managed it.
 
 
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of Roland Pintal
Sent: Wednesday, May 01, 2002 2:17 PM
To: [email protected]
Subject: Re: [FW-1]

Solution
How to Configure an IKE VPN with Nortel Contivity VPN Server
 
Solution ID: 55.0.947
Creation Date: 03/10/2000
Revised Date: 05/04/2000
I found this on the Knowledge base. There was a document you could download. A 1.2 Meg zipped file. Just call them and ask for it or something.
-----Original Message-----
From: Russell Washington [mailto:[email protected]]
Sent: Wednesday, May 01, 2002 2:01 PM
To: [email protected]
Subject: Re: [FW-1]

Heh.  Good point :)
-----Original Message-----
From: Jim Parker [mailto:[email protected]]
Sent: Wednesday, May 01, 2002 10:29 AM
To: [email protected]
Subject: Re: [FW-1]

Unfortunately, there is no such thing as a "quick call" to checkpoint :)
 
 
 
----- Original Message -----
Sent: Wednesday, May 01, 2002 5:20 PM
Subject: Re: [FW-1]

I have yet to hear of an IPSec-based VPN that gives a hoot whose product is on each end.  Granted, vendor quirkiness can make getting these things to talk a bit tricky, but that makes it sometimes 'a pain,' not 'impossible.'
 
And if we are talking FW-1 to FW-1 here... ok, I'll admit, I haven't touched a Nortel yet, saying that that fundamentally 'won't work' sounds like a bit of a stretch.  A quick call to Checkpoint should put that to rest.
 
-----Original Message-----
From: Stuart Carrison [mailto:[email protected]]
Sent: Wednesday, May 01, 2002 8:08 AM
To: [email protected]
Subject: [FW-1]

Hi there,

We're currently in the throws of implementing FW-1, however, our web site is hosted by our MSP and we wanted to set up a permanent VPN to them (firewall to firewall VPN).

Our MSP uses a Nortel 'hardware box' and we want to use FW-1 on an Intel server. Our MSP insists that FW-1 > Nortel VPNs won't work, even though I'm under the impression that nortel firewalls use FW-1!!

Can anyone verify this? If this is the case, can anyone suggest away of keeping our intel server and still creating a VPN with the MSP?

If this is proven TO WORK can someone send me some supporting docs?

Cheers,

Stuart C
Screwfix Direct

intY has scanned this email for all known viruses (www.inty.com)
-----
This message was scanned by AT&T Canada IES (Security Provisioning) for
viruses. This protection does not ensure this message is virus free, however
every precaution possible has been taken on our part.


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.