[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN between two private networks without NAT
Apologies all, I had been mis-informed; our Nokia firewall is also running SP2, not SP3 as I stated below. -----Original Message----- From: Grigson, Phil [mailto:[email protected]] Sent: 27 February 2001 16:33 To: '[email protected]' Subject: [FW1] VPN between two private networks without NAT I have a common scenario, two private networks that need to be connected with a VPN over the Internet. We need to machines talk across the VPN using their internal network addresses, ie no NAT. I have the VPN set up in both Firewalls, and a machine in one network can tracert successfully to a machine in the other network. However, trying the reverse causes the ICMP reply to be rejected by the encryption rule with the following info: encryption failure: Packet is not IPSEC scheme: IKE One network is protected by FW-1 4.1 SP3 running on a Nokia 440, the other by FW-1 4.1 SP2 on an NT4 box. Coming from the network beyond the NT firewall to the network behind the Nokia firewall works, but not from Nokia -> NT. I read that this can occur if one box is one box is SP2 or SP3 and the other is SP1, but that doesn't appear to apply in this case. Is anyone able to help me out with some advice on where to tackle this? _________________________________________________________________ Notice of Confidentiality This transmission contains information which may be confidential and which may also be privileged. Unless you are the intended recipient of the message (or authorised to receive it for the intended recipient) you may not copy, forward or use it, or disclose it or its contents to anyone else. If you have received this transmission in error please notify us immediately at: [email protected] or IT Manager: +44 1737 241144 Fax: +44 1737 241496 Watson Wyatt Partners is regulated by the Institute of Actuaries in the conduct of UK investment business. _________________________________________________________________ ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|