[Openswan Users] VPN between openswan and Checkpoint
Tuomo Soini
tis at foobar.fi
Wed Jan 10 14:45:04 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andreas Mueller wrote:
> Hello,
>
> we are just trying to set up a network-network VPN connection between a
> Checkpoint (VPN-1, i suppose) and an openswan (2.4.4 on suse 9.3).
That should be working combination if Checkpoint is new enough version.
> A workaround is to change the leftsubnet to HIS_IP/32, but there are 300
> hosts on the other side (some other nets in addition to the above one),
> so its not a real solution.
No that's not problem. Problem is misconfiguration at CheckPoint end. By
default checkpoint has odd habit of doing /32 tunnels instead of subnet
ones. It need to be told to do subnet tunnels.
> Is this a known problem?
It's one of the know oddities in FW-1.
- --
Tuomo Soini <tis at foobar.fi>
Linux and network services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFFpUJATlrZKzwul1ERAsQdAJsGvFxF28OAD1uJI8pK5+anwDWp9gCeNVCJ
Qdjz7+oCKZUH4Ob3fRb8RDw=
=WM8S
-----END PGP SIGNATURE-----
More information about the Users
mailing list