Re: [FW-1] SecuRemote Failure - reason:User authenticated by Fire wall. Sendi ng SSL Encrypted Topology, using IKE authentication.

["Reznik, David" <David.Reznik@FW1-NOSPAMG-TRADE.COM>]

are you using SYNC interaces in your nokia boxes ? What are the networks and
ip addreses of these interfaces? Are they the same networks for every site?
--------------------------
David Reznik
www.g-trade.com
The information in this e-mail, and any attachment therein, is confidential
and for use by the addressee only. If you are not the intended recipient,
please return the e-mail to the sender and delete it from your computer.
Although The Bank of New York attempts to sweep e-mail and attachments for
viruses, it does not guarantee that either are virus-free and accepts no
liability for any damage sustained as a result of viruses.

-----Original Message-----
From: Melcher, Andrew <amelcher@UMICH.EDU>
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
<FW-1-MAILINGLIST@beethoven.us.checkpoint.com>
Sent: Thu Nov 07 18:10:42 2002
Subject: [FW-1] SecuRemote Failure - reason:User authenticated by Firewall.
Sendi ng SSL Encrypted Topology, using IKE authentication.

I have had a problem with SecuRemote.  Multiple users/ Possibly all users of
SecuRemote can authenticate to my firewalls but they can not connect to any
machines in the encrypted domain.  We are using RADIUS for authentication
but I have tested a pre-shared secret user and had the same result.  The
drop happens on Rule 0.  Has anybody had this error?

reason:User authenticated by Firewall. Sending SSL Encrypted Topology, using
IKE authentication.

I can not find a place where the client or the firewall has an SSL Topology
set.  I have always set for IKE when configuring the VPN.

I have a meshed site-to-site VPN with users of SecuRemote at each of four
sites.  I am using NG FP2 for all of my VPN and SecuRemote users.  Up until
Monday all users were able to connect with SecuRemote and I had no errors.
I have had my support person(CP Partner) look at my policy/logs and he can
not find a problem.

I have created new users using different authentications and all have had
the same problem.  I am using Nokia 380/350s with acceleration.  My policy
is not extensive (11 lines).


Sincerely,

Andrew P. Melcher III

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================


"The information in this e-mail, and any attachment therein, is
confidential and for use by the addressee only. If you are not the
intended recipient, please return the e-mail to the sender and delete
it from your computer. Although The Bank of New York attempts to
sweep e-mail and attachments for viruses, it does not guarantee that
either are virus-free and accepts no liability for any damage sustained
as a result of viruses."

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================