Comments on: IPsec and ALMOST CheckPoint http://www.imacandi.net/windancer/2010/01/26/ipsec-and-almost-checkpoint.html "You know my methods, Watson..." Thu, 09 Feb 2012 13:55:28 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: cristina_crow http://www.imacandi.net/windancer/2010/01/26/ipsec-and-almost-checkpoint.html/comment-page-1#comment-4774 cristina_crow Tue, 22 Jun 2010 13:38:34 +0000 http://www.imacandi.net/windancer/?p=1557#comment-4774 @joe: hmm, not really. Not for RemoteAccess anyway - PSK and not with Office Mode (as they call the ModeCfg). I managed to run Site-to-Site very well - both PSK and RSA, and also RemoteAccess - RSA only without Office Mode. @joe: hmm, not really. Not for RemoteAccess anyway – PSK and not with Office Mode (as they call the ModeCfg).

I managed to run Site-to-Site very well – both PSK and RSA, and also RemoteAccess – RSA only without Office Mode.

]]> By: joe http://www.imacandi.net/windancer/2010/01/26/ipsec-and-almost-checkpoint.html/comment-page-1#comment-4773 joe Tue, 22 Jun 2010 13:18:33 +0000 http://www.imacandi.net/windancer/?p=1557#comment-4773 Hey, I was just wondering: did you ever manage to solve this problem? Hey, I was just wondering: did you ever manage to solve this problem?

]]> By: cristina_crow http://www.imacandi.net/windancer/2010/01/26/ipsec-and-almost-checkpoint.html/comment-page-1#comment-3849 cristina_crow Sat, 20 Feb 2010 23:02:17 +0000 http://www.imacandi.net/windancer/?p=1557#comment-3849 @ricardo: cool; thanks a lot for the comment; I've always wanted to try out racoon, maybe now it's the time to do that :) @ricardo: cool; thanks a lot for the comment; I’ve always wanted to try out racoon, maybe now it’s the time to do that :)

]]> By: riccardo http://www.imacandi.net/windancer/2010/01/26/ipsec-and-almost-checkpoint.html/comment-page-1#comment-3845 riccardo Sat, 20 Feb 2010 17:32:06 +0000 http://www.imacandi.net/windancer/?p=1557#comment-3845 I've succesfully followed the guide at http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html with only minor changes. On my setup I had to disable server cert verification, because CP hands you conflicting informations. So my remote config on client is remote x.x.x.x { exchange_mode_main; certificate_type x509 "server.pem" "serverkey.pem"; my_identifier asn1dn; peers_identifier asn1dn; verify_cert off; proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method rsasig; dh_group modp1024; } } I’ve succesfully followed the guide at http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html
with only minor changes. On my setup I had to disable server cert verification, because CP hands you conflicting informations.
So my remote config on client is

remote x.x.x.x {
exchange_mode_main;
certificate_type x509 “server.pem” “serverkey.pem”;
my_identifier asn1dn;
peers_identifier asn1dn;
verify_cert off;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method rsasig;
dh_group modp1024;
}
}

]]>