[Openswan Users] VPN connect to Checkpoint from openswan
Matteo Manzinello
mmanzinello at yahoo.it
Mon Sep 17 08:46:42 EDT 2012
Hi all,
I have a "Check Point Endpoint Security" R80.10 in Windows 7 and connect with pubblic IP in VPN with username/password. Is it possible create the same VPN connections in Linux environment?
I installed openswan on Linux Debian but this configuration (ipsec.conf) does not connect because it can not comunicate with port 500 ESP:
-------------------------------------------------------------------------------------------------------------
# ipsec.conf - strongSwan IPsec configuration file
config setup
plutostart=yes
nat_traversal=yes
plutodebug=all
# Add connections here.
conn remoto
type=tunnel
keyexchange=ike
auth=esp
pfs=no
authby=secret
keyingtries=0
forceencaps=yes
compress=no
auto=start
#FASE 1
ike=3des-sha1-modp1024
ikelifetime=86400s
#FASE 2
esp=3des-sha1
keylife=3600s
#Node my
leftsourceip=%modeconfig
#NODE checkpoint
right=XXX.XXX.XXX.XXX
# include /var/lib/strongswan/ipsec.conf.inc
-------------------------------------------------------------------------------------------------------------
This is ipsec error message:
giving up after 5 retransmits
peer not responding, trying again (2/0)
initiating IKE_SA remoto[1] to XXX.XXX.XXX.XXX
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sending packet: from %any to XXX.XXX.XXX.XXX[500]
retransmit 1 of request with message ID 0
sending packet: from %any to XXX.XXX.XXX.XXX[500]
retransmit 2 of request with message ID 0
sending packet: from %any to XXX.XXX.XXX.XXX[500]
I have a proxy and has been set with variable http_proxy.
please, can someone help me
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120917/43647d68/attachment.html>
More information about the Users
mailing list