Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
3
Replies

Netscreen-VPN3000 certificate-base VPN interoperability

Go to solution
e.l
Level 1
Level 1

‎12-20-2002 12:47 AM - edited ‎02-21-2020 12:14 PM

Dear All,

Does anyone success to configure certificate-base VPN between NetScreen and VPN3000 ? We got the IKE (Phase1) established but no Phase2 session. Seems like there is an issue with the cert (we are using Entrust to generate cerficates). Would be very appreciate for any help

Best Regards,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jfrahim
Level 5
Level 5

‎12-23-2002 11:11 AM

Hi there,

Cert checking/validation is a part of IKE phase 1. If you are passing phase1, then cert should not be an issue

You should enable IKE, IKEDBG,IPSEC

Jazib

View solution in original post

0 Helpful
3 Replies 3

Go to solution
jfrahim
Level 5
Level 5

‎12-23-2002 11:11 AM

Hi there,

Cert checking/validation is a part of IKE phase 1. If you are passing phase1, then cert should not be an issue

You should enable IKE, IKEDBG,IPSEC

Jazib

0 Helpful

Go to solution
e.l
Level 1
Level 1
In response to jfrahim

‎12-24-2002 02:11 AM

Thanks, we are able to pinpoint the problem. It was something wrong with the cert. After we create a new cert and import it to both devices, they can negotiate the VPN without problem. The configuration is very simple, just a plain certificate-base VPN LAN2LAN.

Best Regards,

Engelhard

0 Helpful

Go to solution
nmalho
Level 1
Level 1
In response to e.l

‎06-02-2003 09:59 AM

Hi, I'm also having similar problems. Can you please send me the details of how you did the config.

Thanks,

Naveen

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents