Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
383
Views
0
Helpful
4
Replies

pix to checkpoint 4.1

Not applicable

‎06-29-2005 05:45 AM - last edited on ‎02-21-2020 12:14 AM by Community Manager

At a loss. We are trying to set up a site-to-site with a pix 501 and checkpoint 4.1. The ike tunnel comes up but we see an error in phase 2. We have verified all timers numerous times. the error in debug is:

SAKMP (0): atts are acceptable.

ISAKMP: IPSec policy invalidated proposal

ISAKMP (0): SA not acceptable!

ISAKMP (0): sending NOTIFY message 14 protocol 3

return status is IKMP_ERR_NO_RETRANS

Anyone have any ideas? We have also tried md5 and sha and get same results.

Greg

0 Helpful
4 Replies 4

jmia
Level 7
Level 7

‎06-29-2005 05:58 AM

Greg,

Have you checked this document:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094ac4.shtml

Hope this helps and if it does please rate post.

0 Helpful

jmia
Level 7
Level 7
In response to jmia

‎06-29-2005 06:02 AM

Greg,

Sorry posted the wrong URL, here is the one for PIX to Checkpoint 4.1

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008009420f.shtml

Jay

0 Helpful

Not applicable
In response to jmia

‎06-29-2005 06:26 AM

Yes I was all over that document, thanks!

0 Helpful

Not applicable

‎06-29-2005 06:25 AM

Sorry this issue is fixed. It was a mismatch on access lists... I was defining the hosts I can access on his network while he let me have access to the whole network.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card