[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] IKE negociation phase 1 problem

To: [email protected]
Subject: [FW-1] IKE negociation phase 1 problem
From: "Stephen B." <[email protected]>
Date: Mon, 28 Oct 2002 13:41:31 +0100
Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi all,

I try to make works secure remote.
In my network with private adress this works well, but when i try a
connection of the internet domain this doesn't work ...
I disable the use of NAT for secure remote by using a public adress in an
interface of my firewall.
I launch a "fw isakmpd_debug on" and this is the error of the isakmpd.elg
file, anyone has already seen that ?

[XXXX@FIREWALL]    TalkToEngine: Engine RC is << FWIKE_CONTINUE >>
[XXXX@FIREWALL] setSocketPort: set peer IKE port to: 500
[XXXX@FIREWALL] ResendOutbuf (12) (eeee00)
[XXXX@FIREWALL] fwisakmpd_recv_from_peer: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: Retransmission detected
[XXXX@FIREWALL] RetransmitBuffer
[XXXX@FIREWALL] ResendOutbuf (11) (eeee00)
[XXXX@FIREWALL] fwisakmpd_recv_from_peer: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: Retransmission detected
[XXXX@FIREWALL] RetransmitBuffer
[XXXX@FIREWALL] ResendOutbuf (10) (eeee00)
[XXXX@FIREWALL] fwisakmpd_recv_from_peer: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: Retransmission detected
[XXXX@FIREWALL] RetransmitBuffer
[XXXX@FIREWALL] ResendOutbuf (9) (eeee00)
[XXXX@FIREWALL] fwisakmpd_recv_from_peer: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: entering
[XXXX@FIREWALL] fwisakmpd_process_incoming_data: Retransmission detected
[XXXX@FIREWALL] RetransmitBuffer
...
[XXXX@FIREWALL] ResendOutbuf (3) (eeee00)
[XXXX@FIREWALL] comm_decrypt_buf: fd = 0, buf = b66800, len = 32, key = 0
[XXXX@FIREWALL] comm_decrypt_buf: fd = 0, buf = b66800, len = 372, key = 0
...
[XXXX@FIREWALL] Ass_MatchPeerMethodsIDs: match has failed
...
[XXXX@FIREWALL] Ass_MatchPeerMethodsIDs: match has failed

This error seems to be made during the phase 1.

I have IPSO 3.4.1 FCS12 and checkpoint FW1 SP6.

Greetings,

     Stephen

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] AW: [FW-1] Problem about High Availability of SBFC
Next by Date: [FW-1] - SecurRemote doesn't works since ISP change
Prev by thread: Re: [FW-1] AW: [FW-1] Problem about High Availability of SBFC
Next by thread: [FW-1] HTTP traffic on a port other than 80 and "client authentication"
Index(es):
- Date
- Thread