I have a similar problem to the one described in the Phoneboy FAQ (copied below) except that I am talking to FW1 v4.1 (Checkpoint 2000) with latest hotfix. I have configured FW1 to use IKE - with default settings and the client to prefer IKE. As below I can download the topology but the authentication fails on rule 0 with a message "No common encryption method with Firewall". I have not enabled FWZ at all. The client is SR build 4157 (latest I believe) on Win95. In the user profile I am using FW1/VPN username/password authentication, encryption (DES) +data integrity (SHA1). Where can I find more information than the logs show. Is there detailed IKE logging available? Cheers, Jim <paste> Client Encryption: Access denied by FireWall-1 authentication Q: I'm trying to set up Secure Client 4.1 and a FireWall-1 4.0... I'm able to download the topology to the client with no problems, but when I attempt access to a resource, the packet is rejected, showing: "reason: Client Encryption: Access denied by FireWall-1 authentication" in the info field of the log entry showing the reject. I believe the password is correct. What else can I check? A: John Witham suggests it may be caused by incorrect user encryption setup. If you're using FWZ encryption, make sure the FWZ encryption tab in the User Properties menu is set correctly. Try defaulting "Session Key Encryption" and "Data Encryption method" to "Any" for testing. If that works, you can examine the log for what encryption methods were used, and go from there. </paste> -- Jim Shaw Email: [EMAIL PROTECTED] Optimation NZ Ltd, DDI: +64-4-470-5831 P.O. Box 10616, Ph: +64-4-472-7218 Level 2, Optimation House, Fax: +64-4-472-7219 1 Grey Street, Web: http://www.optimation.co.nz Wellington, New Zealand ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
