Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] vpn between checkpoint and pix

To: "'Kumar, Prashanth'" <[email protected]>, <[email protected]>
Subject: RE: [FW1] vpn between checkpoint and pix
From: "Byoung Sun Yu" <[email protected]>
Date: Fri, 16 Mar 2001 11:19:19 -0600
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: <[email protected]>
Sender: [email protected]

One typical reason is the discrepency in the IKE/IPSec Key timeout. If it
differs each other, it happens that way as you have. Another reason can be
encryption domain. You want to make sure the subnet is equally masked on
both sides.

HTH,

Sun Yu, CISSP
Lucent Worldwide Services


> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of
> Kumar, Prashanth
> Sent: Friday, March 16, 2001 10:53 AM
> To: [email protected]
> Subject: [FW1] vpn between checkpoint and pix
>
>
>
> I am trying to  implement IPSEC vpn between checkpoint

> running on nokia
> 650 4.1 sp2) and Cisco pix using IKE.
> ( using DES, SHA1, ESP+AH , Withot PFS)
> I have followed the chckpoint docs. WE got the tunnel
> working. IT works only
> if any traffic is
> initiated from pix side. then  i can also telnet to their
> routers ( i.e.
> network behind pix). After some time if there is not traffic
> from their side
> tunnel dies. If i initiate traffic from checkpoint site( i.e.
> network behind
> checkpoint) the  tunnel doesn't come up. I get an error in
> the checkpoint
> log viewer . IKE log: received notification from peer: no
> proposal chosen
> Negotiation id:343434f3434.
>
> Can somebody help me. What should i be checking
>
> ------------------------------------------------------------
> Prashanth Kumar
> Network Engineer
> IS&T
> EA
> Ph:> [email protected]
> -----------------------------------------------------------
>
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] vpn between checkpoint and pix
  - From: "Kumar, Prashanth" <[email protected]>

Prev by Date: RE: [FW1] A New TCP Timeout question
Next by Date: [FW1] CVP buffer
Previous by thread: [FW1] vpn between checkpoint and pix
Next by thread: RE: [FW1] vpn between checkpoint and pix
Index(es):
- Date
- Thread