
[FW1] VPN problems..






Sounds simple.. I am sure.. maybe it is..

Here is the deal..

I have a number of firewalls that I need to create a VPN to from my
firewall.  I seem to have the VPN set up properly on my side of the
connection because I see my connections being encrypted going to the
remote firewalls.  Yet, when they get to the remote end they are
rejected.  Even more interesting is I can, in a convoluted manner, get to
these remote firewalls and log in and ssh back to my end and all is good
and encrypted.

So I look at the logs, and I notice that when I try to reach a remote
firewall, the keys are exchanged with FWX.  Amazingly enough I can ssh to
FWX perfectly fine from my network, encrypted and all.

The error I get with the others is.. neither the source nor the
destination is within the encryption domain.

So, if my understanding is correct.. I need to exchange keys directly
with the firewall in which I need to encrypt or it no workie.. But I
don't know how to set the remote firewalls up so that they do not
authenticate to FWX.  Or at least I think that is what is happening.

Oh well, this is long enough..

If anyone can help it would be appreciated.

Thanks
John Kelley
Senior Security Analyst
Vigilinx