[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] checkpoint fp3 and freeswan-1.99 (fwd)
The action Encrypt only shows up when you are on Traditional Mode. If you are on Simplified mode, you'll have to configure a VPN Community. L. On Thu, 2003-10-23 at 17:37, Ivan Rodriguez Aguilar - CNDI wrote: > had somebody lograte configure a vpn between checkpoint fp3 and freeswan-1.99 > o any version the freeswan ?? > > > hello list > this is my ipsec.conf > > conn check-encdomlinx > type=tunnel > left=148.223.133.234 > leftnexthop=148.223.133.225 > leftsubnet=192.168.64.0/24 > right=200.95.38.193 > rightnexthop=148.223.182.205 > rightsubnet=192.168.65.0/24 > keyexchange=ike > auth=esp > pfs=no > > the ipsec.secrets > > 200.x.x.x 148.x.x.x "secretkey" > > > in my checkpoint i had define my vpn community. iam following the how to > found in the www.freeswan.org but when i did create the rule y dont > found the option encryption in the column action only i have > accept or drop or reject but not encryption option > > > > the freeswan log > > > Oct 20 11:36:51 cordoba pluto[26742]: Starting Pluto (FreeS/WAN Version 1.99) > Oct 20 11:36:52 cordoba pluto[26742]: listening for IKE messages > Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec0/ppp0 > 200.95.38.193 > Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec1/eth1 > 192.168.65.50 > Oct 20 11:36:52 cordoba pluto[26742]: loading secrets from "/etc/ipsec.secrets" > Oct 20 11:36:52 cordoba pluto[26742]: added connection description > "check-encdomlinx" > Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: initiating Main > Mode > Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: ISAKMP SA > established > Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: initiating Quick > Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK > Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: ignoring > informational payload, type IPSEC_RESPONDER_LIFETIME > Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: sent QI2, IPsec SA > established > > > the warning > > "check-encdomlinx" #1: cannot respond to IPsec SA request because no connection > is known for 200.95.38.193...148.223.133.234 > Oct 20 11:38:07 cordoba pluto[26742]: "check-encdomlinx" #1: Quick Mode I1 > message is unacceptable because it uses a previously used Message ID 0x06898e24 > (perhaps this is a duplicated packet) > > > thanks in advance and excusme for my english > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|