From: "Oxenreider, Jeff" <[email protected]>
To: 'charles kings' <[email protected]>,
[email protected]
Subject: RE: [FW1] Hybrid Mode
Date: Fri, 8 Sep 2000 12:20:57 -0400
I've seen this, actually, I just went through this myself. One little
undocumented "GOTCHA". If you look at your client encrypt rule, and go
into
the client encrypt action properties, you'll see a bright spanking new
checkbox that wasn't there before. "Apply Rule Only if Desktop
Configuration Options are Verified" uncheck this evil little twit (unless
you're running desktop policies I guess) and you'll find that your sessions
will begin to encrypt/decrypt again.
I spent two hours on the phone with CP tech support trying to get
Hybrid/IKE
running, and they didn't mention this little box at all. I found it about
20 minutes after I got off the phone with them, and then sent them an email
so they can hopefully add it to their database.
Good luck!
Jeffrey A. Oxenreider
Network Analyst
Safelite Glass Corp
-----Original Message-----
From: charles kings [mailto:[email protected]]
Sent: Friday, September 08, 2000 11:49 AM
To: [email protected]
Subject: [FW1] Hybrid Mode
Greetings,
I am trying to implement Hybrid Mode IKE for Securemote authentication and
have followed all the instructions listed in the CheckPoints document
written by Joe Dipietro. While all steps checked, when I try to
authenticate with a user setup for IKE (DES), I get the following messega
at
the securemote client. " Negotiation with firewall at site x has fialed. No
common authentication method with fw" The logs don't display anything at
all. Please not that prior to this setup I was able to authenticat using
IKE setups, but not anymore.
Has anyone out there had the same problem? The version I am using are as
follow:
FW - Gateway and management station (separate) ver 4.1 Build 41716 strong.
SecuRemote client - Secureclient ver 4.1 SP1-DES Build 4157
Any help will be appreciated...Chuck
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====