VPN Gateway

Reginald Shorter Tue, 19 Feb 2002 18:14:48 -0800


        Has anyone ever configured a Nortel Contivity 1500 version 2.11 and
Checkpoint FW-1 version 4.0 SP5 gateway to gateway VPN? I am having
difficulty in establishing a tunnel. The error below is from the Checkpoint
FW



        ISAKMP Log Phase1 completion error: 3DES?MD5?PRE shared secrets
Negotiation id: 7fdcb0908553627-ef8089f393d05e18                        
        ISAKMP Log: Sent Notification: invalid protocol id ,phase2 stage1>
Negotiation id: e1a8af75
                

        The error below is from the Nortel Platform. Any help would be
greatly appreciated.

        Reginald Shorter
        USM Service Center
        Network and Systems Engineer




        
        02/15/2002 18:22:34 0 tHttpdTask [35] BoTestTunnel[xxx.xxx.xxx.1,
xxx.xxx.xxx.62] destroyed by user 'admin' @ 'xxx.xxx.xxx.251' 02/15/2002
18:22:34 0 BoTest [01] ---------------Test Failed
[xxx.xxx.xxx.1:xxx.xxx.xxx.62]-----------------------------------
02/15/2002 18:22:34 0 ISAKMP [02] Deleting ISAKMP SA with xxx.xxx.xxx.62
02/15/2002 18:22:34 0 Security [12] Session: IPSEC[xxx.xxx.xxx.62]:541
logged out 02/15/2002 18:22:34 0 BoTest [01] ***** Unable to establish
connection. View event log for further details. 02/15/2002 18:22:34 0
ISAKMP [13] Authentication failure in message from xxx.xxx.xxx.62
02/15/2002 18:22:34 0 ISAKMP [03] No IPsec encryption type selected for
xxx.xxx.xxx.62 - terminating connection attempt 02/15/2002 18:22:34 0
Security [11] Session: IPSEC[xxx.xxx.xxx.62]:541 authorized 02/15/2002
18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER
1 permit TCP any GT 1023 any EQ 586 02/15/2002 18:22:34 0 Security [01]
Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER 1 permit TCP any GT 1023
any EQ 17 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER 1 permit UDP any EQ 68 any EQ 67
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL
IN FILTER 1 permit ICMP any any 3 02/15/2002 18:22:34 0 Security [01]
Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER 1 permit ICMP any any 11
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL
IN FILTER 1 permit ICMP any any 0 02/15/2002 18:22:34 0 Security [01]
Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER 1 permit ICMP any any 8
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL
IN FILTER 1 permit UDP any any EQ 161 02/15/2002 18:22:34 0 Security [01]
Session: IPSEC[xxx.xxx.xxx.62]:541 LOCAL IN FILTER 1 permit TCP any GT 1023
any EQ 80 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 OUT FILTER 1 permit IP 10.1.1.19 0.0.0.0 any
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541
RESTRICTED FILTER 1 permit IP any any 02/15/2002 18:22:34 0 Security [01]
Session: IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny TCP any EQ 257
any GT 1023 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny TCP any EQ 256 any GT
1023 02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541
RESTRICTED FILTER 1 deny TCP any GT 1023 any EQ 256 02/15/2002 18:22:34 0
Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny
TCP any GT 1023 any EQ 23 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny UDP any any EQ 161
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541
RESTRICTED FILTER 1 deny TCP any GT 1023 any EQ 20 02/15/2002 18:22:34 0
Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny
TCP any GT 1023 any EQ 21 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 RESTRICTED FILTER 1 deny TCP any GT 1023 any EQ 80
02/15/2002 18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 OUT
FILTER 1 permit IP any any 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 IN FILTER 1 permit IP any any 02/15/2002 18:22:34
0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 using group filter permit
all 02/15/2002 18:22:34 0 Security [11] Session: IPSEC[xxx.xxx.xxx.62]:541
bound to group /Base/Coppin Network 02/15/2002 18:22:34 0 Security [11]
Session: IPSEC[xxx.xxx.xxx.62]:541 authenticated using LOCAL 02/15/2002
18:22:34 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62]:541 attempting
authentication using LOCAL 02/15/2002 18:22:34 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62]:541 SHARED-SECRET authenticate attempt... 02/15/2002
18:22:33 0 Security [01] Session: IPSEC[xxx.xxx.xxx.62] Coppin Network has
no active accounts 02/15/2002 18:22:33 0 Security [01] Session:
IPSEC[xxx.xxx.xxx.62] has no active sessions 02/15/2002 18:22:33 0 Security
[11] Session: IPSEC[xxx.xxx.xxx.62] attempting login 02/15/2002 18:22:33 0
Branch Office [01] IPSEC branch office connection initiated to
rem[xxx.xxx.xxx.0-255.255.255.0]@[xxx.xxx.xxx.62]
loc[10.1.1.0-255.255.255.0] 02/15/2002 18:22:33 0 BoTest [01] o Initiating
the first connection within the branch-office tunnel.... 02/15/2002
18:22:33 0 BoTest [01] ---------------Branch Office Test Initiated:
[xxx.xxx.xxx.1:xxx.xxx.xxx.62]--------------- 02/15/2002 18:22:33 0
tHttpdTask [35] BoTestTunnel[xxx.xxx.xxx.1, xxx.xxx.xxx.62] created by user
'admin' @ 'xxx.xxx.xxx.251' 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

VPN Gateway

Reply via email to