chekcpoint & netscreen

[gizbourn]

I am having a good deal of confusing problems trying to tunnel a vpn from a checkpoint 4.1 box into a netscreen 10. I have tried the obviouse routes that would normally make it work, but it still doesn't want to play.

the problem is that the checkpoint box is with the other company and we run netscreen which seems infinately less complicted that checkpoint so they are fiddling with their side.

However i was just wondering if there were any hidden settings that need adjusting or if anyone knows of any anomilies with this set up

 

[Netwontwork]

make sure that your peer names / node names match EXACTLY at either end.

Smokescreens don't like seeing different names at either end of the config - even when it's smokescreen to smokescreen!

 

[rn4it]

What kind of errors are you getting, we use CP and netscreens for vpn and have very little problems. Depending how you want to do the tunnel, make sure both sides have the same settings (Phase1 and Phase2 proposals, same shared secrets, etc) on the CP side their will need to have the proper rules in place for the keyexchange and transport. Any problems I've ever had it was alway a misconfig, ie one side set to 3DES the other set to DES.

hope this helps