Figured out the problem actually. We've got a HA setup with 2 firewalls, and I was trying to authenticate to the secondary firewall.. I redid my rules To auth off of the cluster ip, and it works fine now.
Michael -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Ray Sent: Thursday, June 24, 2004 8:16 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] VPN/SecureRemote problem during key exchange Check out sk23166. It says the VPN certificate on the firewall object is corrupt. Is this affecting just one client or all of them? If all of them, this might be the answer. Ray >From: Michael Halligan <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [FW-1] VPN/SecureRemote problem during key exchange >Date: Thu, 24 Jun 2004 16:24:48 -0700 > >I'm getting an odd error message during IKE key exchange when trying to >do a client-site VPN. >The error I'm getting is : >Negotiation with gateway IP at site IP hast failed. >Received notification: invalid cookie. >I'm not finding information about this on cp's site or in any of the >various manuals I have access to. >Has anybody run into this before? > > >On the client end I'm running SecuRemote R55 >On the server, R55 NG with AI _________________________________________________________________ MSN Movies - Trailers, showtimes, DVD's, and the latest news from Hollywood! http://movies.msn.click-url.com/go/onm00200509ave/direct/01/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
