Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
407
Views
0
Helpful
1
Replies

VPN3000 to CheckpointFW1 tunneling

udesai
Level 1
Level 1

‎03-15-2002 02:28 AM - edited ‎03-08-2019 10:04 PM

I have been trying to setup an IPSec Tunnel between VPN3000 and Checkpoint Fw1, but it doesnt seem to work. I have done the setup based on Cisco documents. Also the box to which i am trying to setup the IPSec tunnel with is behind another PIX FW which is between the Checkpoint FW1 and the end machine. Any help is welcomed....

Labels:
0 Helpful
1 Reply 1

cjacinto
Cisco Employee
Cisco Employee

‎03-16-2002 06:59 PM

You could turn on the following event logs on the concentrator:

auth

authdbg

ike

ikedbg

ipsec

ipsecdbg

log event 1-9 and see the filterable event log as you establish connection with the checkpoint and see what is not matching in phase 1 and/or 2. Also try to see if you could modify the IKE proposal on the 3000 to use DH group 1 rather 2, as sometimes Checkpoint doesn't want group 2.

0 Helpful
Customers Also Viewed These Support Documents