[strongSwan] VPN to CheckPoint with NAT
Jakob Curdes
jc at info-systems.de
Mon Dec 2 15:22:20 CET 2013
Am 02.12.2013 14:47, schrieb Thomas Liesner:
> Hi all,
>
> i am trying to accomplish a vpn connection via strongSwan 4.6.1 to a
> bigger CheckPoint gateway. strongSwan is built into a Gateprotect
> security appliance.
>
>
> > Ike:: Auth exchange: Sending notification to peer:
> Traffic selectors unacceptable
We have an IPSec connection to a checkpoint FW but it works only when
triggered by the checkpoint side. It appears that CP has a rather
strange concept for deciding which traffic to put where; essentially as
I see it this breaks basic concepts like routing etc. What happens if
you let the checkpoint start the connection?
JC
More information about the Users
mailing list