[Openswan Users] Checkpoint VPN

Mon Oct 25 12:59:39 CEST 2004

Has anyone managed to connect an openswan to checkpoint vpn tunnel?  I'm 
trying it using v1.07 and a partner company who uses Checkpoint 4.1 
SP5a.  Right now we're having trouble in Phase 2 with error messages 
like "no proposal sent" and "recieved delete sa from peer".  I haven't 
used Checkpoint and they haven't used IPCOP so we're both kind of 
scratching our heads at the moment.  Here is my config:

conn CBE
         left=64-60-95-219.cust.telepacific.net
         leftnexthop=%defaultroute
         leftsubnet=192.168.1.0/255.255.255.0
         right=65.118.251.2
         rightsubnet=206.99.156.150/32
         rightnexthop=%defaultroute
         ike=3des-sha-modp768
         esp=3des-md5
         ikelifetime=1h
         keylife=8h
         dpddelay=30
         dpdtimeout=120
         dpdaction=hold
         authby=secret
         auto=start

-- 
Chris Berry
chris_berry at jm-associates.com
Systems Administrator
JM Associates & Coast Business Service

"This message written on our state-of-the-art beowulf cluster of 
nitrogen cooled, overclocked C64's"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20041025/d7aae9eb/signature.bin