[ previous ] [ next ] [ threads ]
 From:  "Kimmo Jaskari" <kimmo dot jaskari at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: VPN m0n0 - checkpoint broken
 Date:  Thu, 1 Jun 2006 17:19:50 +0300
On 4/21/06, Kimmo Jaskari <kimmo dot jaskari at gmail dot com> wrote:

> I'm running a 1.22 and have been running a VPN between my at-home m0n0
> and the Checkpoint Firewall-1 at work. When I set that up with version
> 1.20 it worked like a charm. However, I haven't felt the same need to
> use it lately due to changes in what I do at work, but now that I do
> need it it just doesn't want to cooperate. Only thing that has changed
> now is that I'm running on 1.22.
> Here's the log output of me trying to connect. I've altered the
> gateway ip numbers, nothing else. 213.xxx is the m0n0, 194.xxx is the
> FW-1. There are actually two tunnels set up below to two separate
> inernal networks at work. Sorry for the spammage! ;)
> I'd appreciate tips and pointers as to what might be off. I've tried:
> 3des/sha1/1024k
> switching to 3des/md5 instead
> re-entering the shared secret
> re-creating the entire tunnel in m0n0 from scratch
> double-checked settings in FW-1

- snipped the looong log output-

Just to add the resolution to this, I thought I'd answer myself. This
VPN hasn't been high priority so I only had time to tackle it again

The problem was that while both the Checkpoint and my m0n0 had the
pre-shared key entered and it looked fine, the Checkpoint side
(probably) had somehow managed to scramble it or otherwise lose track.
The management interface showed it as entered and proper, but what
finally bought the VPN back to life was changing, not just
re-entering, the pre-shared key on both ends.

It didn't in fact have anything to do with the m0n0, and especially
not the m0n0 version, just a coincidence that I upgraded around when
the connection died. Ah well. :)

-{ Kimmo Jaskari }--{ kimmo dot jaskari at gmail dot com }--

Progress isn't made by early risers. It's made by lazy men trying to
find easier ways to do something.
  - Robert Heinlein