Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] checkpoint fp3 and freeswan-1.99 (fwd)

To: [email protected]
Subject: [FW-1] checkpoint fp3 and freeswan-1.99 (fwd)
From: Ivan Rodriguez Aguilar - CNDI <[email protected]>
Date: Thu, 23 Oct 2003 16:37:35 -0500
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

had somebody lograte configure a vpn between checkpoint fp3 and freeswan-1.99
o any version the freeswan ??


hello list
this is my ipsec.conf

conn check-encdomlinx
        type=tunnel
        left=148.223.133.234
        leftnexthop=148.223.133.225
        leftsubnet=192.168.64.0/24
        right=200.95.38.193
        rightnexthop=148.223.182.205
        rightsubnet=192.168.65.0/24
        keyexchange=ike
        auth=esp
        pfs=no

the ipsec.secrets

200.x.x.x 148.x.x.x  "secretkey"


in my checkpoint i had define my vpn community. iam following the how to
found in the www.freeswan.org but when i did create the rule y dont
found the option encryption in the column action only i have
accept or drop or reject but not encryption option



the freeswan log


Oct 20 11:36:51 cordoba pluto[26742]: Starting Pluto (FreeS/WAN Version 1.99)
Oct 20 11:36:52 cordoba pluto[26742]: listening for IKE messages
Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec0/ppp0
200.95.38.193
Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec1/eth1
192.168.65.50
Oct 20 11:36:52 cordoba pluto[26742]: loading secrets from "/etc/ipsec.secrets"
Oct 20 11:36:52 cordoba pluto[26742]: added connection description
"check-encdomlinx"
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: initiating Main
Mode
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: ISAKMP SA
established
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: initiating Quick
Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: ignoring
informational payload, type IPSEC_RESPONDER_LIFETIME
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: sent QI2, IPsec SA
established


the warning

"check-encdomlinx" #1: cannot respond to IPsec SA request because no connection
is known for 200.95.38.193...148.223.133.234
Oct 20 11:38:07 cordoba pluto[26742]: "check-encdomlinx" #1: Quick Mode I1
message is unacceptable because it uses a previously used Message ID 0x06898e24
(perhaps this is a duplicated packet)


thanks in advance and excusme for my english

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- Re: [FW-1] checkpoint fp3 and freeswan-1.99 (fwd)
  - From: Leonardo Boulton <[email protected]>

Prev by Date: Re: [FW-1] increase fwx_cache
Next by Date: [FW-1] VPN between NG-AI and 4.1, Star Topology
Previous by thread: Re: [FW-1] Unable to push ruleset from NG AI management server to 4.1 module
Next by thread: Re: [FW-1] checkpoint fp3 and freeswan-1.99 (fwd)
Index(es):
- Date
- Thread