CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. Come to CPUG CON 2008 EUROPE in Switzerland on September 8th - 9th!
    Two days full of technical content for Check Point administrators in the beautiful Swiss Alps!
    We already have sign-ups from twelve different countries!
2. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 7/14, 8/25, 10/6, 11/3, 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8.
3. Corrent S3500 SecureXL Turbocards For Sale - Last Six Remaining - Get Your Spares!
4. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > Miscellaneous
Reload this Page AT&T global network client Problems
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2007-11-01
Producer Producer is offline
Junior Member
  
Join Date: 2006-02-23
Location: Cape Cod, MA
Posts: 14
Rep Power: 0
Producer has an average reputation (10+)
Default AT&T global network client Problems
This is a very interesting problem.

We have a client using the AT&T global network client.

They can not connect and I get this as an error on the FW. I replaced the IP's with descriptions.

Quote:
Number: 528053
Date: 1Nov2007
Time: 10:08:36
Product: VPN-1 Power/UTM
Interface: eth1c0
Origin: cchcfw2
Type: Log
Action: Drop
Protocol: 50
Source: INTERNAL CLIENT IP
Destination: cchcfwcluster (OUR EXTERNAL FIREWALL IP)
SmartDefense Profile: Default_Protection
Information: encryption fail reason: Packet is dropped because an IPsec SA associated with the SPI on the received IPsec packet could not be found
It looks like the client is trying to establish a VPN with our External IP and not the AT&T network.

Smart defense error? Nat problem? Encryption domain?

Thanks in Advance.
__________________
-Bradley
Reply With Quote
  #2 (permalink)  
Old 2007-11-01
mcnallym mcnallym is offline
Senior Member
  
Join Date: 2007-06-04
Posts: 857
Rep Power: 2
mcnallym has an average reputation (10+)
Default Re: AT&T global network client Problems
What address have they put in the ATT client. I suspect that is probably why trying to connect to your gateway.
Reply With Quote
  #3 (permalink)  
Old 2007-11-02
Producer Producer is offline
Junior Member
  
Join Date: 2006-02-23
Location: Cape Cod, MA
Posts: 14
Rep Power: 0
Producer has an average reputation (10+)
Default Re: AT&T global network client Problems
Naw, answer was a one to one nat. Does not work with hide nat. ty though.
__________________
-Bradley
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 01:06.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.0.0