Hello list,
I am trying to set up UDP encapsulation for my securemote vpns.
The client is a Securemote 4.1 SP3 build 4176 single-DES for w2k, it
is behind a ADSL router.
So I edited objects.C, and added de following to the definition of my
management:
:isakmp.udpencapsulation (
:resource (
:type (refobj)
:refname ("#_VPN1_IPSEC_encapsulation")
)
:active (true)
)
The fw object is a fw-1 4.1 sp3 on a solaris 2.6 system. The service
"VPN1_IPSEC_encapsulation" was already defined on udp/2746.
Once I downloaded the topology from the client I started to see
trafic on udp/2746 on the external interface of my fw, but the
firewalls just ignores it.
No entries in the log, no alerts, no nothing, except for the
key-download and the ike-exchange, which are both succesfull.
If I take a look to the LISTEN ports on the fw I can see udp/500 for
IKE and udp/264 for fw_topo, but nobody is listening for udp/2746, is
this normal?
I am pretty sure the client is well configured, I have succesfully
established a VPN with the Demo page at Checkpoint.com using
udp-encapsulation.
So, any ideas?
did I forgot something?
thanks in advance.
Raúl
La información incluida en el presente correo electrónico es CONFIDENCIAL,
siendo para el uso exclusivo del destinatario arriba mencionado. Si usted
lee este mensaje y no es el destinatario señalado, el empleado o el agente
responsable de entregar el mensaje al destinatario, o ha recibido esta
comunicación por error, le informamos que está totalmente prohibida
cualquier divulgación, distribución o reproducción de esta comunicación, y
le rogamos que nos lo notifique, nos devuelva el mensaje original a la
dirección arriba mencionada y borre el mensaje.
Gracias.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
