[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] secure client problem
Hi, I try to do a secureclient connection to a Nokia IP 530 NG FP2 and it doesn't work ... When i first create a new site (the nokia vpn gateway) on the client, it works. Then i try to connect and download and it failed (timeout due apparently to the fact that the policy server does not respond) On the status manager everything is ok (connected) except policy server with "not responding" status. When i check logs on the Nokia (dtps.elg) it says "dtlps object not defined, policy server going down". Here's additional informations : I'm using SecurePlatform (FW1-NG-FP2) and get the following when I create a site at my SecureClient laptop! * I create the Site and connect. * I get a username/password prompt and I enter my credentials * I receive (and accept) the certificate from the Firewall * I get confirmation of correct authentication * I get the Site Information * I get a message if I would like to download a policy from the policy server and I select to do so! * I see that SecureClient is trying to exchange Keys with the firewall, but after a while, I get a messages that the Client failed to communicate with the Policy Server at site XYZ. I have tried UDP encapsulation and IKE over TCP but both do not resolve the problem :( In the Firewall logs I see the following entries: * Action Service Source Destination ----------------------------------------------------- * ACCEPT FW1_topo SecureClient Firewall * ACCEPT IKE SecureClient Firewall * login SecureClient Firewall (reason: User Authenticated by Firewall. Sending SSL Encrypted Topology, using IKE authentication. Any idea ? thanks a lot ********************************************************************** Cet email et tout fichier attache est confidentiel. Ils ne peuvent etre utilises que par la personne ou l'organisation a laquelle ils sont destines. Si vous avez recu ce message par erreur veuillez en avertir votre administrateur systeme. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. CMG France ********************************************************************** ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|