I have been trying real hard to figure this out but now I am wondering if it is possible at all. We have a customer who wants to setup an IPSec vpn tunnel with them to securely transfer files. The configuration is below ...
They finally made the change to the encryption domain to the one ip address and I can successfully pass traffic through. Thanks again for all the help.Thanks,Ted
Thanks again for your insight. I have made the request to have the encryption domain changed but that will most likely take a couple days before they get it done. I will post back the result.Thanks,Ted
Thanks a bunch for looking this over and sharing your knowledge with regard to the checkpoint cfg. You are correct in all your assumptions from my ASA cfg.I know for a fact that they set the encryption domain on the checkpoint side to 68.72.236.0/24....
I found this documentation on Cisco's site(http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808c9950.shtml) which bestdepicts my situation and found out that I indeed was configuring itlike this already but ...