Re: ipsec ISA to Watchguard
- From: "Aventao" <listas@xxxxxx>
- Date: Wed, 20 May 2009 23:20:11 +0200
thanks
i try , try and try ..
"Leythos" <spam999free@xxxxxxxxxx> escribió en el mensaje
news:MPG.247e385e191701dd989c1d@xxxxxxxxxxxxxxxxxxxxxxx
In article <77hp23F1goqp4U1@xxxxxxxxxxxxxxxxxx>, listas@xxxxxx says...
Phase II , yes pass data
While I'm not doing a IPSec to a ISA server, here is the basic WG
settings I've found that work with all other firewall devices:
Gateway
Use a pre-shared key (not a IPSec FB Cert)
Local Gateway: Your FB IP Address (Public)
Interface External
Remote Gateway: IP Address of other device/fw (Public)
Type: Ip Address
ID: IP Address of other device/fw (Public)
Phase 1
Mode - Main Fall Back to Aggressive
X Nat Traversal
X IKE Keep-Alive
SHA1-3DES, DH 1
BO Tunnel
Address Local ANY
Remote (IP Subnet of LAN side)
Phase II
- PFS (not enabled)
SA Settings (unchecked - default)
IPSec Proposals ESP-3DES-SHA1
This will get the tunnel, but you need a rule to allow traffic between
your LAN and the remote LAN.
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
.
- References:
- ipsec ISA to Watchguard
- From: Aventao
- Re: ipsec ISA to Watchguard
- From: Leythos
- Re: ipsec ISA to Watchguard
- From: Aventao
- Re: ipsec ISA to Watchguard
- From: Leythos
- Re: ipsec ISA to Watchguard
- From: Aventao
- Re: ipsec ISA to Watchguard
- From: Leythos
- ipsec ISA to Watchguard
- Prev by Date: Re: ipsec ISA to Watchguard
- Next by Date: Watching WTA Warsaw from work
- Previous by thread: Re: ipsec ISA to Watchguard
- Next by thread: Jvc Camcorder Chargers
- Index(es):
Relevant Pages
|
Loading
