[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Encryption Failure

To: "'MARK FOSTER'" <mfoster@lanmarknet.com>, fw-1-mailinglist@lists.us.checkpoint.com
Subject: RE: [FW1] Encryption Failure
From: "Silva, Paul" <psilva@kelleydrye.com>
Date: Fri, 17 Mar 2000 08:45:37 -0500
Sender: owner-fw-1-mailinglist@lists.us.checkpoint.com


Make sure you are using the same encryption scheme for both firewalled
computers. Algorithms also have to match. I would defenitily look at these
properties. Also check if you have address translation for any of the
machines; address translation can cause conflicts. How did you generate the
isakmp keys on the troubled site? did you pull it from the management
station?
I hope this helps.

Regards,

Paul Silva
CCSA, CCSE 

-----Original Message-----
From: MARK FOSTER [mailto:mfoster@lanmarknet.com]
Sent: Friday, March 17, 2000 8:36 AM
To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] Encryption Failure



I have a weird problem.  I set up a VPN between two sites, but it only works
one way.  Background:
Master site is currently running NT 4 with sp5, VPN-1 no service packs,
supporting four remote 
VPN sites all running NT 4 with sp5.  But the new site is running Sun
Solaris 2.6 with VPN-1, I
can connect from a PC behind the Sun firewall to the master end no problem.
I checked the
event logs at the master and see the encryption packets.  But going the
other way, the log 
shows the following error:  "Encryption Failure: no response from peer
scheme: isakmp"
I've tried phoneboy and joe and tech support but no help. Help!!! The client
is getting very
upset.  Thanks. Mark.


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


The information contained in this E-mail message is privileged, confidential, 
and may be protected from disclosure; please be aware that any other use, 
printing, copying, disclosure or dissemination of this communication may be 
subject to legal restriction or sanction. If you think that you have received 
this E-mail message in error, please reply to the sender. 
This E-mail message and any attachments have been scanned for viruses and are 
believed to be free of any virus or other defect that might affect any 
computer system into which it is received and opened. However, it is the 
responsibility of the recipient to ensure that it is virus free and no 
responsibility is accepted by Kelley Drye & Warren LLP for any loss or damage 
arising in any way from its use.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Newbie question
Next by Date: [FW1] Timeout when trying to install policy (may be off-topic)
Prev by thread: [FW1] Encryption Failure
Next by thread: Re: [FW1] Encryption Failure
Index(es):
- Date
- Thread