AFAIK, there is no Certificate Authority on a PIX (at least there was none last time I worked with one), therefore you cannot generate certs on it and would need to find another external CA to work with.
Most likely there is one already available since you mentioned the router and the PIX are already doing VPN with Certificates. Regards On Sun, Dec 28, 2008 at 8:09 PM, Mateo Cabrera <[email protected]> wrote: > Hi folks, > > > i`ve the following scenario: > > A chkp firewall in a localnet with a CISCO router, but this CISCO it have > another iface connected to Internet, and this CISCO router have a VPN with > a > CISCO Pix using certificates because this CISCO Pix have dynamic IP > address... > > This terrible mess is because i want to comunicate the chkp firewall with > the CISCO Pix firewall (the CISCO Pix it have dynamic IP). > > So...unless you have a better solution to do it, please can you help me to > add a valid certificate generared by the CISCO Pix in the chkp firewall? i > guess like an external CA o something like that... > > Please...this was an idea but if i can to create a VPN directly with an > interoperable device like CISCO Pix (with dynamic IP), please..LET ME > KNOW...!!! > > thx a lot > matt > > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > -- Sergio Alvarez (506)8301342 Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
