Hi
all,
I am
wondering if someone has encountered following situation during his
migration,
and of course I'd
like to know too how it has been fixed.
The
environment is :
-
Management = Windows Nt 4.0-SP6a + CheckPoint NG FP3 + HF1 +
HFA_305
-
Firewall = Nokia IP440 IPSO
3.6-FCS6 + CheckPoint NG FP3 + HF1 + HFA_305
--> this
one was coming from 4.1-SP3 ... then NG FP1
Due to
several other issues we had before, we delayed this upgrade till
now.
The
Firewall is in fact an HA solution, using VRRP MC, on which we broke the
cluster, one
module is still up
and running with 4.1 and the second member has been migrated to
the
above mentioned
version.
Since then, when trying to establish
a SR VPN with the module we get following error message:
dst scheme NA:
route status temporary unavailable resources.
The
rule showing this error is the one that should encrypt my SR connections, I can
authenticate,
but the rule rejects
the connection, and it is in the clear, not encrypted !!
I
read article sk16981 in the Check Point knowledge base but they ask to install
HFA_303, but
I installed a higher
version HFA_305 !!!
If nobody has seen this before I think I'll have to downgrade once more and
start upgrading
step by step and
after each step test !!
Thank
you for any ideas you might have.
Met vriendelijke groeten - Bien � vous -
Kind regards
Guy
ROELANDTS
EMEA GS Internet Expertise Centre - CCSE-NG
Hewlett-Packard Belgium
B.V.B.A./S.P.R.L.
E-mail : [EMAIL PROTECTED]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65
==========================================================
This
message may contain confidential and/or proprietary information,
and is
intended only for the person/entity to whom it was originally
addressed. The
content of this message may contain private views and
opinions which do not
constitute a formal disclosure or commitment
unless specifically stated.
Should you receive this message by mistake
please inform the sender
immediately.
==========================================================
