[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] openvpn + checkpoint fw1



Hi,

I guess your trying to use the opnevpn software to connect to a
Checkpoint NG55 Firewall. 

Since the NG55 uses a technologie called IPSEC (AFAIK) and OpenVpn does use a
different Technologie (TLS/SSL) this is not possible without major
modifications on one of both. I guess that no one of both is willing to do
this moduifications.

Usualy one would say "That's not possible" while meaning that it would
realy be a big big chunk of work making it possible. And it would realy
make not much sense to do so.

I recoomend you to look out for a fitting client for your NG55 to use,
openvpn is IMHO not what you want to use if you cant change the server
side. If you can, OpenVpn is what I would recommend, but if you can't
search your luck elsewhere.

Greetings

Andy 

On Thu, 27 Jul 2006 15:54:42 +0200
_ukasz 'LCF' Jagie__o <lukasz.jagiello@xxxxxxxxxxxxxxxx> wrote:

> Hi all
> 
> >From few days trying connect with openvpn into checkpoint fw1 ng55 with no
> luck :( Anyone know solution couse i know i have to set 3DES,MD5 in ike phase
> I + II and  PSK, but i cant find such option. I try:
> 
> #v+
> openvpn --remote X.X.X.X --proto tcp-client --dev tun
> #v-
> 
> but,
> 
> #v+
> Thu Jul 27 15:52:14 2006 OpenVPN 2.1_beta14 i386-redhat-linux-gnu [SSL] [LZO1]
> [EPOLL] built on Apr 14 2006
> Thu Jul 27 15:52:14 2006 ******* WARNING *******: all encryption and
> authentication features disabled -- all data will be tunnelled as cleartext
> Thu Jul 27 15:52:14 2006 TUN/TAP device tun0 opened
> Thu Jul 27 15:52:14 2006 Attempting to establish TCP connection with
> X.X.X.X:1194 [nonblock]
> Thu Jul 27 15:52:24 2006 TCP: connect to X.X.X.X:1194 failed, will try again
> in 5 seconds: Connection timed out
> #v-
> 
> So nothink happend, like wrong port or somethink. I spend alot of time in
> google, but nothink usefull find. Anyone got idea what i should do ? Pls help
> any idea whould be cool (beside change checkpoint into openvpn, couse i cant
> do this ;D)
> 
> -- 
> *|    __   _________                                          |*
> *|   / /  / ___/ __/  _ukasz Jagie__o                         |*
> *|  / /__/ /__/ _/    email : lcf<at>zjednoczenie<dot>com     |*
> *| /____/\___/_/      ul. Czy_ewskiego 14 80-336 Gda_sk-Oliwa |*
> 
> 
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users