No announcement yet.

PIX VPN >> Checkpoint

  • Filter
  • Time
  • Show
Clear All
new posts

  • PIX VPN >> Checkpoint

    I've been pulling my hair out for the last week setting up a Site to Site VPN to my office Checkpoint. I've been using a Cisco ASA unit and due to time zones at the remote site it's been real tricky getting logs. I've a PIX501 6.3 at home so decided to get the config correct here and then copy over to the ASA.

    I've found instructions on the net on how to do it and followed down to the letter.

    But still no joy I presume it's the checkpoint end causing the problem.

    Below is the error on the checkpoint

    IKE: No common community for myself and peer

    Both sites have the same key and DH group.

    The Checkpoint is running in simple mode

    Any help would be much recieved

  • #2
    Re: PIX VPN >> Checkpoint

    Quick reply Managed to clear that error the CISCO thinks everything is fine but Checkpoint is still moaning. If I do it in traditional mode on the Checkpoint the VPN comes up but can't create ACL's as the whole firewall is in Simple mode. I'll try and work on the community today and post results.

    May end up purchasing a new ASA to replace old Checkpoint/Nokia solution


    • #3
      Re: PIX VPN >> Checkpoint

      Are phase 1 and phase 2 established from the ASA's perspective?

      show crypto isakmp sa

      show crypto ipsec sa

      CCNA, CCNA-Security, CCNP
      CCIE Security (In Progress)