Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG

To: [email protected]
Subject: Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG
From: Ant Ducker <[email protected]>
Date: Tue, 22 Jul 2003 15:58:00 +0100
Importance: Normal
In-reply-to: <23B82EFA36F5D311842A00508B6FCDF705D6A6CA@oane03.ppd.ci.phoenix.az.us>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Its as simple as configuring two FW1's to build VPN tunnels between each
other in Legacy Mode.

Make sure you define encryption on the FP3 firewall to the highest that
the Cisco will support (or lowest, depends whether you want higher
security or packet throughput), ensure your Cisco is running the IPSec
enabled IOS (make sure yours has enough memory to support the IOS, blah
blah blah), then set the Crypto config up on the Cisco to match the
Firewall, include the appropriate ACL's to decrypt / encrypt relevant
matches, make sure FW1 and Cisco DON?T NAT when they send encrypt
packets to the peer, open the right ports on any filtering devices you
may have in between (ESP and IKE probably) and give it a try.

You should be able to figure any mis-configuration out from the
"SmartView Tracker" (or log view as I like to call it).

Oh and I found that I had to set the object representing the Cisco to
"Firewall-1 Installed" or it refused to belive it was eligible to
participate in a VPN.

Hope that makes sense and helps, Im sure if Ive missed anything, someone
will let us know !!

Cheers

Ant
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]] On Behalf Of
[email protected]
Sent: 22 July 2003 14:47
To: [email protected]
Subject: Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG

I have the same question.  Any takers?

>Date:    Thu, 17 Jul 2003 19:18:34 +0200
>From:    [email protected]
>Subject: IPSEC tunnel between Cisco Router and CheckPoint NG

>Hi to all,

>Someone knows how to do a tunnel between a Cisco Router and CheckPoint
>Firewall (Next Generation FP3).

>I need to do it and i don´t know how to.

>Thanks very much.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG
  - From: [email protected]

Prev by Date: [FW-1] Checkpoint NG Backup Offline
Next by Date: [FW-1] cron job error with fw log -lng
Previous by thread: Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG
Next by thread: Re: [FW-1] IPSEC tunnel between Cisco Router and CheckPoint NG
Index(es):
- Date
- Thread