[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Check Point VPN-1 and Watch Guard SOHO VPN
We are trying to establish an IPSec VPN between VPN-1 v4.1 w/sp2 and
WatchGuard SOHO. We use DES, SHA1 and sharedsecret.
The VPN-1 log says:
IKE Log: Phase 1 cmpletion. DES/SHA1/Pre shared secrets Negotiation Id:
xxxxx
icmp-type 8 icmp-code 0 encryption failure: no response from peer. scheme:
IKE.
The WatchGuard SOHO log says:
JAN 30 21:51:54 2001 MONITOR remote gateway (aa.xx.yy.98) dead - force
rekey
JAN 30 21:51:54 2001 IP previous message duplicated 10 times
JAN 30 21:51:38 2001 IP Packet discarded from 1.0.0.1 to 204.xx.yy.131 for
port 137
JAN 30 21:51:38 2001 MONITOR previous message duplicated 1 times
JAN 30 21:50:18 2001 MONITOR remote gateway (aa.xx.yy.98) dead - force
rekey
JAN 30 21:50:18 2001 IP previous message duplicated 23 times
JAN 30 21:49:38 2001 IP Packet discarded from 1.0.0.1 to 204.xx.yy.131 for
port 137
JAN 30 21:49:17 2001 MONITOR Cannot load responder ipsec preferences!
JAN 30 21:49:17 2001 MONITOR Unable to get ipsec prefs err=-2
JAN 30 21:49:17 2001 MONITOR aa.xx.yy.98: Unable to find channel info for
remote(€+á€+:P)
Could someone tell us what am I missing here?!
On VPN-1, Phase 1 is complete, but it has not "reached" Phase 2. Does it
mean that the VPN-1 has established connectivity with SOHO and waiting for
SOHO to respond? Or the VPN-1 has not reached SOHO yet.
On the SOHO box, what does "MONITOR remote gateway (aa.xx.yy.98) dead -
force rekey" mean? Has it reached the VPN-1 box yet? Or it is rejected by
VPN-1, but I could not see related entry in the log!
Any pointers/input are appreciated.
Thanks,
Ivan
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================