[Openswan Users] NETKEY issue with RoadWarrior connection to Checkpoint R65

[Paul Wouters]

On Thu, 17 Dec 2009, Ondrej Valousek wrote:

> I did not configure the policy properly on the firewall. Now it works fine (always glad when I can answer
> myself :-)
> Funny thing is, that the *protoport option is completely ignored (everything that belongs to the 192.168.60.x
> subnet is being tunneled to the other side).

Can you show "ip xfrm policy" and "ip xfrm state". Does it show the 1701 ports?

Paul