Firewall Wizards mailing list archives
IPSec VPN using Symantec VPN Appliances
From: "Larry Youngquist" <lyoungquist () hotmail com>
Date: Mon, 9 Sep 2002 11:25:25 -0700
We're trying to establish a IPSec VPN tunnel between two Symantec VPN appliances and receiving an error after the tunnel has been established. I have one unit on a screened subnet sitting behind a Checkpoint NG firewall and another on a public interface. The Checkpoing NG firewall has a policy of allowing IPSec through it (UDP 500, IP 50 and IP 51). The negotiation between the two devices starts and the ISAKMP and IPSec SA's are established. But almost immediately, I get an error message from the one end that states, "ERR:size (300) differs from size specified in ISAKMP HDR (40) (null): Unequal_Payload_Lengths". The connection is then terminated. Is it possible that the firewall is modifying the packets as they pass through? We're using a pre-shared secret and tested these units in the lab with only a router between them. Thanks in advance, Larry _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- IPSec VPN using Symantec VPN Appliances Larry Youngquist (Sep 09)
- Re: IPSec VPN using Symantec VPN Appliances 1337 h4x0r (Sep 10)
- <Possible follow-ups>
- Re: IPSec VPN using Symantec VPN Appliances Larry Youngquist (Sep 10)