Re: [FW-1] NG: IPSEC: no integrity option in rule IKE properties



I believe there was a discussion that just flew by suggesting that AH isn't
supported any more, which would mean you're using ESP.  This is consistent
with the fact that encryption algorithm, hash, and PFS options all pertain
to ESP.

Someone hop in and tell me if I'm off base on the AH support.

-----Original Message-----
From: [email protected] [mailto:[email protected]]

Sent: Friday, November 01, 2002 7:55 AM
To: [email protected]
Subject: Re: [FW-1] NG: IPSEC: no integrity option in rule IKE properties


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have the same problem, I am interested to see what the workaround is.

Bob Colborn
Lead Network Engineer, Gateway Health Plan
phemail- [email protected]
The witches fly across the sky,
The owls go, "Who? Who? Who?"
The black cats yowl
And red ghosts howl,
"A Scary Halloween to you!" ~Nina Willis Walter~


- -----Original Message-----
From: Jason Pratt [mailto:[email protected]]
Sent: Friday, November 01, 2002 10:04 AM
To: [email protected]
Subject: [FW-1] NG: IPSEC: no integrity option in rule IKE properties


hello -

I'm trying to set up a site-to-site VPN between a Cisco router and Check Point
NG (FP2). However, connections fail during IKE phase 2 (phase 1 completes
successfully). The log message I receive is:

IKE: Main Mode completion
IKE: Quick Mode Received Notification from Peer: no proposal chosen

When I edit the encryption action properties on the encryption rule, I am
not presented with the data integrity options (AH or ESP) as documented.
Instead, I am only given the options for encryption algorithm, data
integrity (hash), compression method, and allowed peer gateway. Also, I am
given options for perfect forward secrecy usage and IP NAT pooling.

My problem with phase 2 may lie elsewhere, but I am unable to confirm that
my settings on the Check Point box match my settings on the Cisco box for
this. Has anyone else run into this situation, with Cisco or any other
3rd-party VPN product?

::ja

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0 (Build 294) Beta

iQA/AwUBPcKj2pgeN8dlymHMEQI+uQCffIBvj+NxzRUoZBPnwJbuObl8/EgAoJ0O
MEbaRCa8g+32AySjwuvbapxe
=lpPv
-----END PGP SIGNATURE-----


"This e-mail and any attachments are confidential and are intended solely
for the use of the individual(s) or entity to whom it is addressed.  If you
have received this e-mail message in error, please notify the sender.  The
views expressed in the e-mail message and any attachments do not necessarily
represent the views of Gateway Health Plan, its subsidiaries, or
affiliates."
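
A simplified model of the phase 2 negotiation discussed in this thread, added here as an illustration and not part of any poster's message or of either vendor's software. It assumes strict attribute matching on the responder; the field names and sample values are constructed and are not Check Point or Cisco configuration syntax.

```python
# Added example: IKEv1 Quick Mode (phase 2) proposal matching, simplified.
# Strict equality per attribute is an assumption made for illustration.
from dataclasses import dataclass, fields
from typing import Optional


@dataclass(frozen=True)
class Phase2Proposal:
    protocol: str                 # "ESP" or "AH"
    encryption: Optional[str]     # cipher; None when the protocol is AH
    integrity: str                # hash used for data integrity
    pfs_group: Optional[int]      # DH group for PFS; None means PFS is off
    compression: Optional[str] = None


def mismatches(offered, local):
    """Return {field: (offered, local)} for every attribute that differs."""
    return {f.name: (getattr(offered, f.name), getattr(local, f.name))
            for f in fields(Phase2Proposal)
            if getattr(offered, f.name) != getattr(local, f.name)}


def quick_mode_select(offers, policy):
    """Responder side: accept the first offer equal to a local policy entry.

    Returns ("accepted", proposal) or ("no proposal chosen", diff), where diff
    lists the differing attributes of the closest offer/policy pair.
    """
    closest = None
    for offer in offers:
        for local in policy:
            diff = mismatches(offer, local)
            if not diff:
                return "accepted", offer
            if closest is None or len(diff) < len(closest):
                closest = diff
    return "no proposal chosen", closest


# Constructed sample: both peers use ESP with the same cipher but disagree on
# the hash and on whether PFS is enabled.
PEER_OFFER = [Phase2Proposal("ESP", "3DES", "SHA1", None)]
LOCAL_POLICY = [Phase2Proposal("ESP", "3DES", "MD5", 2)]

if __name__ == "__main__":
    print(quick_mode_select(PEER_OFFER, LOCAL_POLICY))
```

Listing each gateway's phase 2 settings in one common form like this makes it possible to see which attribute the two ends disagree on when the peer only reports "no proposal chosen".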

   All contents © 2004 Network Presence, LLC. All rights reserved.