[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Hybrid Mode IKE for SecureRemote Authentication
I am using SecureClient build 4188 on Windows 2000. The FW/VPN is build 41862 on Solaris 2.7. Thanks again for any input. Tom -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[email protected]]On Behalf Of Jonathan Jackson Sent: Friday, August 09, 2002 7:46 AM To: [email protected] Subject: Re: [FW-1] Hybrid Mode IKE for SecureRemote Authentication What SecureClient build are you using? -----Original Message----- From: ext Tom Abraham [mailto:[email protected]] Sent: Friday, August 09, 2002 2:07 AM To: [email protected] Subject: [FW-1] Hybrid Mode IKE for SecureRemote Authentication I am having a problem getting Hybrid mode for IKE working with SecureClient. I am running 4.1 SP4 for both the FW/VPN and SecureClient. I have followed the instructions in the document from Checkpoint's Web site "Hybrid Mode IKE for SecureRemote Authentication", but I continue to have a problem. I am trying to use IKE in Hybrid mode so that we can use the SecureIDs for authentication. I get this error message when I try to log in using Secure Remote and IKE: "Negotiation with firewall ... has failed. IKE is not properly defined for user." The firewall log shows this error: "reject, rule 0, reason client encryption: user cannot use IKE" I found a posting with this same exact error in the mailing list archives on Phoneboy but could not find a solution. I believe IKE is configured correctly in the FW/VPN becaue we use an IKE VPN between a SonicWall and the Checkpoint firewall and have had no problems. In addition, if I select "Password" for IKE authentication everything works fine with the SecureClient access. When I try and use the SecureID for authentication, I get the error listed above. I would sure appreciate any input. Tom ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|