Dr.VPNlabs		Discussion		Newsletter

Search VPN Topics  All Categories  Primers  VPN, Firewall, Security ...  Guides  HowTo, Choosing a VPN ...  Reference  Articles, FAQs, Whitepapers ...  Standards  Architectures, Protocols ...  Downloads  VPN, Firewall, Security ...  Products & Services  Hardware, Software, Services  Organizations  Business  Market Research, Law ...  Forums  News  Archive, Events, Newsletters ...   VPN labs is an open community for researching, testing, reviewing, and discussing Virtual Private Networks. Get trusted, unbiased advice on just about everything related to VPN. For more detail check: How to use this site. VPN Labs - VIRTUAL PRIVATE NETWORKS - Free VPN Software and Virtual Private Network News.

VPN Forum Technical Topic: LAN TO LAN W. NETSCREEN TO PIX [New Topic]  [New Reply]  Author  Message jboyson Member since: 2002-08-23 10:49:23   posted: 2002-08-23 10:52:18 LAN to LAN w. Netscreen to PIX ---------- Has anyone done a vpn with Netscreen to PIX. I'm looking for documentation or any help. I've used PIX to PIX docs and NS to NS docs. No success yet. Thanks in advance. metro305 Member since: 2002-09-12 02:53:48   posted: 2002-09-12 03:03:58 Some articles that might aide you. ---------- Perhaps these KBs may help you set up LAN to LAN with Netscreen to PIX. ============= = Solution ID: nskb857 Resolution: VPN to Cisco PIX fails due to XAuth and Config Mode Incompatibilities in ScreenOS 3.1 and below Cisco PIX 6.0 enables x-auth and config-mode by default. If using ScreenOS 3.1.0 or below, disable x-auth and config-mode. When isakmp configuration is specified, add additional options for no x-auth and no config-mode. Scree nOS 4.0.0 was the first version of firmware that supported both x-auth and config-mode. Here is the problem or goal: VPN to Cisco PIX not working VPN to Cisco PIX due to XAuth and Config Mode Incompatibilities in ScreenOS 3.1 and below ====================< br> Solution ID: nskb858 Resolution: VPN Interop fails when using Address Groups Do not use address groups when configuring a VPN to a non-NetScreen gateway. VPN interop fails if you use address groups. The non-NetScreen security gateway does not know how to interpret the proxy id created by NetScreen when address group is used. Workaround: Separa te the address groups into individual address book entries. Specify individual policies on a per address book entry basis. Here is the problem or goal: VPN to Checkpoint fails VPN to Cisco PIX fails

Link to VPNlabs  |  Suggest a Link  |  Contact Us  |  About Us

© 2001 - 2005 VPNlabs.org Disclaimer