[fw-wiz] checkpoint fp3 and freeswan-1.99
From: Ivan (ivan_at_inah.gob.mx)
Date: 10/20/03
- Previous message: Mikael Riska: "[fw-wiz] Request for Information: study of patching a certain IIS-vulnerability"
- Next in thread: Luca Berra: "Re: [fw-wiz] checkpoint fp3 and freeswan-1.99"
- Reply: Luca Berra: "Re: [fw-wiz] checkpoint fp3 and freeswan-1.99"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: Mon, 20 Oct 2003 11:47:25 -0600
hello list
this is my ipsec.conf
conn check-encdomlinx
type=tunnel
left=148.223.133.234
leftnexthop=148.223.133.225
leftsubnet=192.168.64.0/24
right=200.95.38.193
rightnexthop=148.223.182.205
rightsubnet=192.168.65.0/24
keyexchange=ike
auth=esp
pfs=no
the ipsec.secrets
200.x.x.x 148.x.x.x "3comcare"
in my checkpoint i had define my vpn community. iam following the how to
found in the www.freeswan.org but when i did create the rule y dont
found the option encryption in the column action only i have
accept or drop or reject but not encryption option
the freeswan log
Oct 20 11:36:51 cordoba pluto[26742]: Starting Pluto (FreeS/WAN Version 1.99)
Oct 20 11:36:52 cordoba pluto[26742]: listening for IKE messages
Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec0/ppp0
200.95.38.193
Oct 20 11:36:52 cordoba pluto[26742]: adding interface ipsec1/eth1
192.168.65.50
Oct 20 11:36:52 cordoba pluto[26742]: loading secrets from "/etc/ipsec.secrets"
Oct 20 11:36:52 cordoba pluto[26742]: added connection description
"check-encdomlinx"
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: initiating Main
Mode
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #1: ISAKMP SA
established
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: initiating Quick
Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: ignoring
informational payload, type IPSEC_RESPONDER_LIFETIME
Oct 20 11:36:52 cordoba pluto[26742]: "check-encdomlinx" #2: sent QI2, IPsec SA
established
the warning
"check-encdomlinx" #1: cannot respond to IPsec SA request because no connection
is known for 200.95.38.193...148.223.133.234
Oct 20 11:38:07 cordoba pluto[26742]: "check-encdomlinx" #1: Quick Mode I1
message is unacceptable because it uses a previously used Message ID 0x06898e24
(perhaps this is a duplicated packet)
thanks in advance and excusme for my english
----------------------------------------------------------------
Este mensaje fue enviado por el servidor de correo del INAH
vista nuestra pagina http://www.inah.gob.mx
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Mikael Riska: "[fw-wiz] Request for Information: study of patching a certain IIS-vulnerability"
- Next in thread: Luca Berra: "Re: [fw-wiz] checkpoint fp3 and freeswan-1.99"
- Reply: Luca Berra: "Re: [fw-wiz] checkpoint fp3 and freeswan-1.99"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
