NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] NGFP2 - IKE - SonicWALL - Win2000 Server

Title: Message

I have seen the same thing with on exception.  If the sonic-wall makes the VPN connection.  The network behind the Sonic-Wall can encrypt to the Checkpoint. But the Checkpoint cannot encrypt to the SonicWall and I get the no proposal Chosen.  If I have the Checkpoint make the connection and the Key Exchange, Both sides encrypt Fine.  If the VPN connection times out, and the sonic-wall is the first to make the key exchange, I get the no proposal Chosen.

 

A temp solution that my client is doing is having a ping go across From the network behind the Checkpoint to the Sonicwall network.  If keeps the VPN running.

 

I tried calling Checkpoints Crappy support, but as the norm with their support they had no clue.  Has anyone else noticed a fall off in Checkpoint Support?  I hate to call, because I get someone on the other end that has no clue, or is cocky.

 

James Oryszczyn

 

 

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Huff, Roger
Sent: Friday, June 14, 2002 6:28 PM
To: [email protected]
Subject: [FW-1] NGFP2 - IKE - SonicWALL - Win2000 Server

 

I am new to this list and I am very glad I found it, hopefully I will be able to contribute in the future.

 

My question comes from the standpoint of using IKE with NG FP2 to my remote SonicWALL appliances.

 

Currently, I am running manual IPSEC between the SW's and my 4.1 SP5 firewall. Unfortunately, NGFP2 no longer supports IPSEC so I am working in my test environment to implement IKE. I have had no luck whatsoever, the documents from SonicWALL appear to be based on a FP1 product at best and SecureKnowl'ge from Checkpoint has NOTHING that is of any interest in this regard. Some SonicWALL's are TELE2's, TELE3's, and SOHO/10's - they all seem to do the same.

 

It appears that the Phase1 is working but there is nothing beyond that. I get that wonderful IKE: Main Mode Sent Notification: no proposal chosen error.

 

I noticed on this list that there was some activity re this back in Sept 2001 but I've missed anything really since then.

 

Thoughts, guides, helps, etc. would be appreciated.

 

Thanks in advance!

 

Roger Huff

Sr. Network Engineer

Paragon Biomedical, Inc.

 

 

This email transmission and any documents, files or previous email messages attached to it may contain information that is confidential or legally privileged. If you are not the intended recipient or a person responsible for delivering this transmission to the intended recipient, you are hereby notified that you must not read this transmission and that any disclosure, copying, printing, distribution or use of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by telephone or return email and delete the original transmission and its attachments without reading or saving in any manner.

 


  
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.