<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Saved from the Spam bucket. Please remember to register to the mailing list before posting to it.<br><div><br><blockquote type="cite"><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="color: rgb(127, 127, 127); "><b>From: </b></span>Matteo Manzinello <<a href="mailto:matteo@manzinello.it">matteo@manzinello.it</a>></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>VPN connect to Checkpoint from openswan</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">17 September, 2012 5:52:43 AM EDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">"<a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a>" <<a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Reply-To: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Matteo Manzinello <<a href="mailto:matteo@manzinello.it">matteo@manzinello.it</a>><br></span></div><br><br><div><div style="background-color: rgb(255, 255, 255); font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><div><font face="times new roman, new york, times, serif">Hi all,</font></div><div><font face="times new roman, new york, times, serif">I have a "Check Point Endpoint Security" R80.10 in Windows 7 and connect with pubblic IP in VPN with username/password. Is it possible create the same VPN connections in Linux environment? </font></div><div><font face="times new roman, new york, times, serif">I installed openswan on Linux Debian but this configuration (ipsec.conf) does not connect because it can not comunicate with port 500 ESP:</font></div><div><span style="font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-size: 16px; ">-------------------------------------------------------------------------------------------------------------</span><br></div><div><font face="times new
roman, new york, times, serif"># ipsec.conf - strongSwan IPsec configuration file</font></div><div><font face="times new roman, new york, times, serif">config setup</font></div><div><font face="times new roman, new york, times, serif"> plutostart=yes</font></div><div><font face="times new roman, new york, times, serif"> nat_traversal=yes</font></div><div><font face="times new roman, new york, times, serif"> plutodebug=all</font></div><div><font face="times new roman, new york, times, serif"><br></font></div><div><font face="times new roman, new york, times, serif"># Add connections here.</font></div><div><font face="times new roman, new york, times, serif"><br></font></div><div><font face="times new roman, new york, times, serif">conn remoto</font></div><div><font face="times new roman, new york, times, serif"> type=tunnel</font></div><div><font face="times new roman, new york, times,
serif"> keyexchange=ike</font></div><div><font face="times new roman, new york, times, serif"> auth=esp</font></div><div><font face="times new roman, new york, times, serif"> pfs=no</font></div><div><font face="times new roman, new york, times, serif"> authby=secret</font></div><div><font face="times new roman, new york, times, serif"> keyingtries=0</font></div><div><font face="times new roman, new york, times, serif"> forceencaps=yes</font></div><div><font face="times new roman, new york, times, serif"> compress=no</font></div><div><font face="times new roman, new york, times, serif"> auto=start</font></div><div><font face="times new roman, new york, times, serif"> #FASE 1</font></div><div><font face="times new
roman, new york, times, serif"> ike=3des-sha1-modp1024</font></div><div><font face="times new roman, new york, times, serif"> ikelifetime=86400s</font></div><div><font face="times new roman, new york, times, serif"> #FASE 2</font></div><div><font face="times new roman, new york, times, serif"> esp=3des-sha1</font></div><div><font face="times new roman, new york, times, serif"> keylife=3600s</font></div><div><font face="times new roman, new york, times, serif"> #Node my</font></div><div><font face="times new roman, new york, times, serif"> leftsourceip=%modeconfig</font></div><div><font face="times new roman, new york, times, serif"> #NODE checkpoint</font></div><div><font face="times new roman, new york, times, serif">
right=XXX.XXX.XXX.XXX</font></div><div><font face="times new roman, new york, times, serif"><br></font></div><div><font face="times new roman, new york, times, serif"># include /var/lib/strongswan/ipsec.conf.inc</font></div><div><font face="times new roman, new york, times, serif"><span style="font-size: 16px; ">-------------------------------------------------------------------------------------------------------------</span> <br></font></div><div><font face="times new roman, new york, times, serif">This is ipsec error message:</font></div><div><font face="times new roman, new york, times, serif"><br></font></div><div><font face="times new roman, new york, times, serif">giving up after 5 retransmits</font></div><div><font face="times new roman, new york, times, serif">peer not responding, trying again (2/0)</font></div><div><font face="times new roman, new york, times, serif">initiating IKE_SA remoto[1] to
XXX.XXX.XXX.XXX</font></div><div><font face="times new roman, new york, times, serif">generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]</font></div><div><font face="times new roman, new york, times, serif">sending packet: from %any to XXX.XXX.XXX.XXX[500]</font></div><div><font face="times new roman, new york, times, serif">retransmit 1 of request with message ID 0</font></div><div><font face="times new roman, new york, times, serif">sending packet: from %any to XXX.XXX.XXX.XXX[500]</font></div><div><font face="times new roman, new york, times, serif">retransmit 2 of request with message ID 0</font></div><div><font face="times new roman, new york, times, serif">sending packet: from %any to XXX.XXX.XXX.XXX[500]</font></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><br></div><div style="background-color: transparent; "><div style="background-color: transparent; "><font face="times new
roman, new york, times, serif">I have a proxy and has been set with variable http_proxy.</font></div><div style="background-color: transparent; "><font face="times new roman, new york, times, serif">please, can someone help me</font></div></div></div></div><br><br></blockquote></div><br></body></html>