[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Securemote IKE



Two possibilities that I can think of..

1. The user's expiration is after 2009..  2010 and beyond doesn't work
correctly..
2. You are not using Hybrid Mode..  The default installation of
SecuRemote/SecureClient NG requires hybrid be configured on the Firewall..
If hybrid mode is not enabled then read the Readme in the SecuRemote
installation directory..  It has an option that must be set to false.
Something about not using SSL in IKE UDP to download topology; or is it IKE
over SSL..

Gary
National Business Group
Check Point Reseller/Support

-----Original Message-----
From: Jeff Harris [mailto:[email protected]]
Sent: Thursday, October 24, 2002 1:57 PM
To: [email protected]
Subject: [FW-1] Securemote IKE


Greetings

I ran into a problem setting up securemote ver NGFP1. I keep getting
"negotiation with gateway 123.123.123.123 at site 123.123.123.123 has
failed. user unknown" after it verifies the certificate. After reviewing the
logs I can see its getting dropped by rule 0 and it reads "reason Client
encryption: user unknown. Now I have double checked the username and
password in the FW db and also check my IKE setting, checked the box to
export topology to securemote but still no luck. I have this rule setup

source                          dest                            service
action

remoteuser@any  Encrypted_dom   any             Client encrypt


this is a fresh install on w2k FW NG FP1


Any ideas would be greatly appreciated

J


This electronic message and all contents and attachments contain information
from the firm VIA Information Tools Inc. and/or its affiliates, which may be
privileged, confidential or otherwise protected from disclosure. The
information is intended to be for the addressee only. If you are not the
addressee, or otherwise have reason to believe that you have received this
message in error, then any disclosure, copy, distribution or use of this
message, or its contents or any of its attachments, is prohibited. If you
have received this electronic message in error, please notify us immediately
(phone:, fax:) and destroy the original message
and all copies.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================