[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [fw1-gurus] Configure an extranet with linux endpoint

Subject: RE: [fw1-gurus] Configure an extranet with linux endpoint
From: "Stefano Colombo" <s_colombo@xxxxxx>
To: <juan_concepcion@xxxxxxxxxxx>,"'Volker Tanger'" <volker.tanger@xxxxxxxxx>
Cc: <fw1-gurus@xxxxxxxxxxxxxxxxxx>
Date: Fri, 30 Jan 2004 12:36:34 +0100

Hi Juan , 
  you were right . We found that problem and solve it 
  thanks

-----Original Message-----
From: Juan Concepcion [mailto:juan_concepcion@xxxxxxxxxxx] 
Sent: Friday, January 30, 2004 1:51 AM
To: 'Stefano Colombo'; 'Volker Tanger'
Cc: fw1-gurus@xxxxxxxxxxxxxxxxxx
Subject: RE: [fw1-gurus] Configure an extranet with linux endpoint

You need to modify the timeout value on the Linux box.  You did create it as
an interoperable device object correct?  The other thing you have to do is
modify the advance ike properties on this object to reflect that actual
timeout value on the Linux box.  By default cp and linux IKE SA negotiations
will fail because the timeout values are different.

Juan

-----Original Message-----
From: Stefano Colombo [mailto:s_colombo@xxxxxx]
Sent: Thursday, January 29, 2004 8:21 AM
To: 'Volker Tanger'
Cc: fw1-gurus@xxxxxxxxxxxxxxxxxx
Subject: RE: [fw1-gurus] Configure an extranet with linux endpoint

Hi , 
  thanks for the link you provided. I made the setup suggested but
having problem with the SA .
  We have agreed to use a preshared configuration but it seems the SA
doesn't complete .
  The log reported " packet is dropped no valid SA "
  I tried a search on google but couldn find any useful

  Thanks again 

-----Original Message-----
From: Volker Tanger [mailto:volker.tanger@xxxxxxxxx] 
Sent: Thursday, January 29, 2004 8:59 AM
To: Stefano Colombo
Cc: fw1-gurus@xxxxxxxxxxxxxxxxxx
Subject: Re: [fw1-gurus] Configure an extranet with linux endpoint

On Wed, 28 Jan 2004 13:05:02 +0100 "Stefano Colombo" <s_colombo@xxxxxx>
wrote:

>   we run a NG FP3 on NOKIA appliance . We've been asked to setup an
>   extranet with another company with a linux box .

See the FAQs:
http://www.fw-1.de/aerasec/ng/vpn-freeswan/CP-FW1-NG+Linux-FreeSWAN-Road
Warr
ior.html

...or simply google.

Bye

Volker Tanger
ITK-Security

---------------------------------------------------------------------
FireWall-1 Gurus Mailing List (http://www.phoneboy.com/gurus) To
unsubscribe, mailto:fw1-gurus-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, mailto:fw1-gurus-help@xxxxxxxxxxxxxxxxxx

---------------------------------------------------------------------
FireWall-1 Gurus Mailing List (http://www.phoneboy.com/gurus)
To unsubscribe, mailto:fw1-gurus-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, mailto:fw1-gurus-help@xxxxxxxxxxxxxxxxxx

References:
- RE: [fw1-gurus] Configure an extranet with linux endpoint
  - From: Juan Concepcion

Prev by Date: Re: [fw1-gurus] Cannot log into firewall
Next by Date: RE: [fw1-gurus] Remote Firewall Logging Problem
Previous by thread: RE: [fw1-gurus] Configure an extranet with linux endpoint
Next by thread: [fw1-gurus] Problem applying hotfix accumulator HFA_R55_01
Index(es):
- Date
- Thread