Announcement

Collapse
No announcement yet.

PIX VPN >> Checkpoint

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • PIX VPN >> Checkpoint

    I've been pulling my hair out for the last week setting up a Site to Site VPN to my office Checkpoint. I've been using a Cisco ASA unit and due to time zones at the remote site it's been real tricky getting logs. I've a PIX501 6.3 at home so decided to get the config correct here and then copy over to the ASA.

    I've found instructions on the net on how to do it and followed down to the letter.

    But still no joy I presume it's the checkpoint end causing the problem.

    Below is the error on the checkpoint

    IKE: No common community for myself and peer

    Both sites have the same key and DH group.

    The Checkpoint is running in simple mode

    Any help would be much recieved
    Alex

  • #2
    Re: PIX VPN >> Checkpoint

    Quick reply Managed to clear that error the CISCO thinks everything is fine but Checkpoint is still moaning. If I do it in traditional mode on the Checkpoint the VPN comes up but can't create ACL's as the whole firewall is in Simple mode. I'll try and work on the community today and post results.

    May end up purchasing a new ASA to replace old Checkpoint/Nokia solution

    Comment


    • #3
      Re: PIX VPN >> Checkpoint

      Are phase 1 and phase 2 established from the ASA's perspective?


      show crypto isakmp sa


      show crypto ipsec sa


      I
      CCNA, CCNA-Security, CCNP
      CCIE Security (In Progress)

      Comment

      Working...
      X