ISAKMP negotiation error Checkpoint <-> Free S/WAN
Harry Kaplan
harry at sanwafp.com
Tue Sep 14 16:09:26 EDT 1999
Hi.
I am configuring a VPN between Checkpoint VPN-1 on Solaris and a Linux
Free S/WAN installation using ISAKMP with a pre-shared secret.
Unfortunately, the Checkpoint seems to provide very little in the way
debugging messages. The error we are getting is:
ISAKMP Log: Sent Notification: no proposal chosen <phase1 stage1>
Negotiation ID: blah blah blah
I have a case open with Checkpoint but the most so far they have
indicated is that I may have too many options checked for ISAKMP,
I have tried every combination of reduction/adding them all but
to no avail. What is not clear to me is whether this message indicates
there are not enough parameters in common or two few or if it is
ambiguous in this regard.
I have tried the config indicated in the very useful site
http://www.opus1.com/vpn/index.html but still don't get any further
than this message.
Any pointers would be greatly appreciated, I am completely new to
this.
Thanks.
-- Harry
--------------------------------
Harry A. Kaplan, Ph.D., Vice President
Sanwa Financial Products Co., LLC
1185 Avenue of the Americas, 19th Floor
New York City, New York 10036
voice (212) 407-3559
fax (212) 997-3650
e-mail harry at sanwafp.com
****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html
We are currently experiencing "unsubscribe" difficulties. If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
****************************************************************
More information about the VPN
mailing list