Re: [FW-1] encryption fail reason: Packet in wrong direction (VPN Error code 01)

Mon, 16 Jun 2003 06:24:32 -0700 

You need to configure the spoofing in the interface of your firewall...


Javier Díaz Evans
Project Engineer
Etek International Holding Corp - Colombia
ISO 9001 certified
Tel: +57 - (1) - 622 - 7122
Fax: +57 - (1) - 257 - 1520
www.etek.com.co




Femi Ogundeji <[EMAIL PROTECTED]>
Sent by: Mailing list for discussion of Firewall-1 
<[EMAIL PROTECTED]>
16/06/2003 07:17 a.m.
Please respond to Mailing list for discussion of Firewall-1
 
        To:     [EMAIL PROTECTED]
        cc: 
        Subject:        [FW-1] encryption fail reason: Packet in wrong 
direction (VPN Error code 01)


Dear all,

I'm running vpn tunnel btw checkpoint fw1 ng AI (Fw1-A and Fw1 B). 
Whenever
I ping from encryption domain of Fw1-A, I got the following messages :

from smartview tracker fw1-A
Number: 42   Action:  Drop.   Information: icmp-type: 8 icmp-code: 0
message_info: Address spoofing
Number:  43   Action:   Drop    Information:  icmp-type: 8 icmp-code: 0
encryption fail reason: Packet in wrong direction (VPN Error code 01)

When I ping from ecryption domain of Fw1-B, I got the following messages:

from Fw-B smartview tracker:
Number: 36    Action:encrypt    Information: icmp-type: 8  icmp-code: 0

from Fw-A smartview tracker:
Number:  56   Action: Decrypt Information: icmp-type: 8  icmp-code: 0
Number:  57   Action: Drop    Information: icmp-type: 0  icmp-code: 0
message_info: Address spoofing
Number:  58   Action: Drop    Protocol: esp   Information: encryption
failure:  Warning: possible replay attack

I also face similar issue with FW1 NG FP2. Please can someone help.

Thanks


Femi Ogundeji
acdHadrian  Security Solutions
* mailto: [EMAIL PROTECTED]
WWW    http://securesolutions.nat.bt.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

Reply via email to