[strongSwan] Please help - Using strongSwan to connect to CheckPoint VPN-1
Sucha Singh
soorma_j4tt at yahoo.co.uk
Sun Feb 28 13:04:36 CET 2010
Hi,
I'm looking to use strongSwan to connect to my company CheckPoint VPN, as I am new to Linux and networking I am really struggling to get anything working. I have a Actividentity token that generates a password that authenticates against a RADIUS server, below is a list of facts I know from my CheckPoint config from Windows:
I have an IP address for company site
Authentication - Challenge Response
NAT-T protocol - enabled
Office Mode - enabled
Use NAT traversal tunneling - enabled
IKE over TCP - enabled
Force UDP encapsulation - enabled
I have attempted to use the Network Manager GUI to connect but it fails with "VPN service failed to start", the syslog file contains a host of errors. The settings I attempted were:
Gateway:
Address - IP address of my company site
Certificate - None
Client:
Authentication - EAP
Username - My id I use for my token to generate password
Options -
Request an inner IP address - unchecked
Enforce UDP encapsulation - checked
Use IP compression - unchecked
My questions would be:
1) Does strongSwan support the protocols/authentication methods I describe for CheckPoint VPN
2) If yes, then does my setup through Network Manager look correct
3) If yes, then is it a case of posting the sys.log errors for someone to kindly look at
I appreciate anyone's help and time with this.
Regards,
Jana
More information about the Users
mailing list