I have been reading all the great stuff on afp548 (what is afp548 anyway?) about IPSec and VPN.
I figured out some great stuff, but the shared secret setup doen’t seem to apply to checkpoint firewall clients. On the checkpoint firewall client for windoze It asks for a username and password. I know other users on my network have different usernames and different passwords than I do. does this mean that checkpoint firewall has more than one shared secret, or is something else screwey going on?
[quote:edc09b4d2f=”MacTroll”]Checkpoint is apparently using the xauth mechanism that is not supported by the ipsec stack in OSX.
If you admin the firewall look for a group vpn setup that will eliminate the need for passwords. Not having a checkpoint firewall I don’t know if it can do this or not.
Joel[/quote:edc09b4d2f]
Hello Joel,
well I am an Checkpoint VPN-1 admin, and I would like to get VAPOR to work with it. Unfortuanetly I am having some problems with VAPOR and our VPN-1. I am not quite sure what you mean, if you¥re asking to look for a group that will eliminate the need for passwords. Does it mean that you suggest a configuration where someone can connect to the VPN-1 without a pre-shared key (password)?
I would really like to get this goingm but I do need some more information about this.
well I am an Checkpoint VPN-1 admin, and I would like to get VAPOR to work with it. Unfortuanetly I am having some problems with VAPOR and our VPN-1. I am not quite sure what you mean, if you¥re asking to look for a group that will eliminate the need for passwords. Does it mean that you suggest a configuration where someone can connect to the VPN-1 without a pre-shared key (password)?
I would really like to get this goingm but I do need some more information about this.
Thanks,
Budy[/quote:98a424ab46]
Our company is setting up a Checkpoint VPN-1; I’m not admin, but I work closely with the guy who is, and is a Linux and OS X supporter, though we are primarily a PC shop. We are using 509 certificates. Our admin supplied my certificate last night [not using shared secrets], and it imported correctly into VPN tracker. When I first tried it with Vapor, I got some Applescript errors, which made me wonder if it was Panther-compatible. But on second try, it imported the certificate, and it *seems* to be running. But I cannot tell for sure.
Comments are closed