Re: opens/wan <-> nokia checkpoint seems to persist in trying a
'weird IPsec SA' / what does [S-C] indicate in the log ?
paul at xelerance.com
Wed Jun 22 17:42:30 CEST 2005
On Wed, 22 Jun 2005, Albert Siersema wrote:
> I'm trying to set up a network<->network (tunnel mode) tunnel with a nokia
> checkpoint firewall. No problems with freeswan but after upgrading to
> openswan we're in trouble.
> The network<->network tunnel (ISAKMP+IPsec SA) seems to be up&running with
> this config:
> (yes i know, tunnel is the default type anyway and 480m == 28800 :-).
> At least, the log file states "IPsec SA established" (along with ISAKMP SA of
> course) and i'm able to ping a host in the 10.1 network.
> However, the log files keep mentioning:
> cannot respond to IPsec SA request because no connection is known for
These are all /32's and not /16's. Perhaps you need to change an option from IPADDR
to SUBNET on your Nokia?
More information about the Users