CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA/CCSE One-Week Dual-Certification Training Course with CPUG in San Francisco!
    Courses Starting 12/8, (2009) 1/19, 2/9, 3/9, 4/6, 5/4, 6/8, 7/6, 8/3.
2. Join Us On LinkedIn - We now have a CPUG group.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 And Related Products > VPN's (Virtual Private Networks)
What is "Encryption Failure: one of the keys is not yet valid"? What is "Encryption Failure: one of the keys is not yet valid"?
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 2005-08-14
Administrator
  
Join Date: 2005-08-11
Location: San Francisco, CA
Posts: 582
Rep Power: 10
BarryStiefel has disabled reputation
Default What is "Encryption Failure: one of the keys is not yet valid"?
What is "Encryption Failure: one of the keys is not yet valid"?



Answer What this means is that the clocks on one of the two firewalls is not correct. SKIP and IPSec with certificates rely on the date and time being the same (or close to the same) on all the machines in the VPN. Set the machines to the same time (relative to GMT, they can be in different time zones), completely regenerate the CA/DH keys for SKIP, appropriate certificates for IPSec.



-- RobertGraham - 07 Jan 2004

FAQForm FAQs.Class: EncryptionFAQs FAQs.OS: FAQs.Version:
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 23:50.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0