-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
What you want to do is check the NETMASKS on the encryption domains
you'er using. My bet is that the encryption domain for 10.65.1.x or
10.65.9.x are NOT /24 or 255.255.255.0. You probably have a NETMASK
for one of the networks as 255.255.0.0 or /16....bad.
Cheerio!
- ----------------------------------------|
Ralph M. Los
Sr. Security Engineer and Trainer
EnterEdge Technology, L.L.C.
[EMAIL PROTECTED]
(770) 955-9899 x.206
- ----------------------------------------|
::-----Original Message-----
::From: Simon Chan [mailto:[EMAIL PROTECTED]]
::Sent: Friday, April 05, 2002 3:09 PM
::To: Firewalls
::Subject: both endpints are in vpn domain
::
::
::*This message was transferred with a trial version of
::CommuniGate(tm) Pro* Hi,
::
::we've recently setup the site to site vpn with another of
::our branch office using NG fp1 using IP120.
::
::The vpn using IKE, is between two networks (site A) 10.65.1.x
::and 10.65.9.x (site B).
::
::The VPN is working fine, but we notice from the logs at Site
::A , there's always this message :
::
::" ... netbios-dgm 10.65.1.2 10.65.1.255
::Encryption failure:
::both endpoints are in vpn domain"
::
::and the destination is always the local broadcast address
10.65.1.255.
::
::
::Any advise on what this means ?
::
::tks.
::
::Rgds,
::
::Simon
::
::_______________________________________________
::Firewalls mailing list
::[EMAIL PROTECTED]
::http://lists.gnac.net/mailman/listinfo/firewall::s
::
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQA/AwUBPK22YNfQPveTWZDtEQImBQCeKwpmnRDjsTKU9IVZjtTZUgHbpV8AnjM0
qRCosdxLYq4pxs2I9qQJha6c
=XMzD
-----END PGP SIGNATURE-----
