[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1]
We are in the process of setting up a site-to-site vpn between our NG FP2 and an externally managed V4.1. Firstly, I need to check with the other folks on what is the difference creating a policy in simplified and traditional modes. Using traditional mode, stuff like "support aggressive mode" can be set under the IKE/Advanced option. However, this is not possible under simplified mode when the firewall/vpn object is attached to the vpn community. Using simplified mode, the initial error encountered was "aggressive mode not supported". I have to set ike_p1_use_aggressive to true in objects_5_0.C file and this error was not seen further. But the next error encountered was "proposal not chosen". We finally decided to go back to traditional mode but is there a utility to move all the rules from simplified mode to traditional mode? If simplified mode is the way to go in the future, what about site-to-site with non-checkpoint vpn products? TIA. Rif _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|