RE: FW: NetScreen Issue (fwd)

[Paul Robertson <proberts () patriot net>]

This was copied to -admin instead of the list...

---------- Forwarded message ----------
Date: Tue, 3 Sep 2002 15:40:19 +0200
From: C. Worms <cworms () sansoft nl>
To: gillis () nslc org
Cc: firewall-wizards-admin () honor icsalabs com
Subject: RE: [fw-wiz] FW: NetScreen Issue

Robert,

If the WAN connection on the client side (or server side) 
is using NAT then you cannot use SHA-1, but you have to 
use MD5 as a HASH algorithm. I bet this is your problem.

Good Luck

Mr. C. Worms, NEThology (cworms () nethology nl)

> -----Oorspronkelijk bericht-----
> Van: firewall-wizards-admin () honor icsalabs com 
> [mailto:firewall-wizards-admin () honor icsalabs com] Namens 
> Robert Gillis
> Verzonden: dinsdag 3 september 2002 15:10
> Aan: firewall-wizards () honor icsalabs com
> Onderwerp: [fw-wiz] FW: NetScreen Issue
>
>
> Hope someone can help me - I am kind of stuck and unsure how 
> to move forward on this issue.
>
> Situation is as follows:
>
> Have a NetSceen 100 - use Netscreen remote software to 
> connect to VPN via dialup.
>
> VPN works like a charm, can browse internal network - do 
> everything else with no issues.
>
> Turn off the VPN, disconnect the dial-up.  Plug in the LAN 
> cable - it goes to a router connected to a DSL line - static 
> IP.  LAN now active, can browse internet fine.
>
> Activate VPN - does not work.  Nothing gets logged as if 
> there was an error.  But I cannot ping any internal addresses 
> which I could on dialup.
>
> I have looked at the setting extensively, as well as 
> Netscreen technical support - but I can't find any clues as 
> to where to look.
>
> Any ideas?  
>
> Thanks in advance.
>
> Robert Gillis
> Systems Administrator
> National Student Clearinghouse
> 703-733-4198
> gillis () studentclearinghouse org
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation


***********************************************************************
This message is intended only for the use of the intended recipient and
may contain information that is PRIVILEGED and/or CONFIDENTIAL.  If you
are not the intended recipient, you are hereby notified that any use,
dissemination, disclosure or copying of this communication is strictly
prohibited.  If you have received this communication in error, please
destroy all copies of this message and its attachments and notify us
immediately.
***********************************************************************

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards