Search found 674 matches

by Peter
10 Oct 2008, 13:54
Forum: SG Discussions
Topic: PPTP With Clavister
Replies: 6
Views: 8737

Re: PPTP With Clavister

Very strange, then a possible problem is that something is blocking either the required port or protocol causing the LCP to fail. But why it would work for the Linux box i cannot say since they should be using the same connection. The rule needed in the Clavister should be a normal Nat rule with eit...
by Peter
09 Oct 2008, 13:52
Forum: SG Discussions
Topic: PPTP With Clavister
Replies: 6
Views: 8737

Re: PPTP With Clavister

Hello. LCP means that the link control protocol negotiation is stalled. It does not specify why. It can be everything from equipment in front of the Clavister that removes certain packet to delays that cause stalled negotiations. It could simply be that there is more than one client that tries to co...
by Peter
08 Oct 2008, 13:54
Forum: SG Discussions
Topic: SG 8,81 VPN IPSec Lan-to-lan with PSK errors
Replies: 2
Views: 3270

Re: SG 8,81 VPN IPSec Lan-to-lan with PSK errors

Hello.

Not sure what could cause the "IKE_INVALID_COOKIE" message. I've seen it a couple of times though. Where do you see this message? From the "ikesnoop verbose" output or from the log?

The complete message would be very useful.

Best regards
/Peter
by Peter
07 Oct 2008, 17:35
Forum: SG FAQ's
Topic: Freeing up memory for high memory consuming functions
Replies: 0
Views: 5683

Freeing up memory for high memory consuming functions

This FAQ applies to: Clavister CorePlus™ 9.X and 8.x Question: I'm using Core Version 9.X (or 8.X) and i run into a problem when i use alot of IDP signatures. Not all desired signatures can be used as my unit seems to lack the required memory. Can i somehow free up memory in order to try use them? ...
by Peter
02 Oct 2008, 10:36
Forum: SG Discussions
Topic: Coreplus 9.10 and TLS support
Replies: 1
Views: 2653

Re: Coreplus 9.10 and TLS support

Hello.

I'm not sure how you export the private key as .p12, but perhaps it's possible for you to follow the guide mentioned here in order to get this working:

viewtopic.php?f=12&t=3548

Best regards
/Peter
by Peter
01 Oct 2008, 07:48
Forum: SG Discussions
Topic: SG 50 / D-Link DFL-800
Replies: 1
Views: 3512

Re: SG 50 / D-Link DFL-800

Hello. We have examine our manual for CorePlus and found as you say it to be lacking in this particular section as well. Below is a preview of the information that will be added to the CorePlus Admin Guide regarding Certificates and CA servers. Best regards /Peter 9.2.9. Importing Certificates from ...
by Peter
29 Sep 2008, 17:40
Forum: SG Discussions
Topic: Two logical LANs in the same network
Replies: 2
Views: 3576

Re: Two logical LANs in the same network

Hello. You need 1 route and 1 rule :mrgreen: Route Lan 10.0.0.0/8 LocalIP=10.0.0.254 Rule Nat Lan 10.0.0.0/8 Wan All-nets Service=All The rule(s) can naturally be more restrictive but this is basically what you need. By using LocalIP the users on the 10.x network can use this address as their gatewa...
by Peter
29 Sep 2008, 17:32
Forum: SG Discussions
Topic: Zenoss template
Replies: 1
Views: 3049

Re: Zenoss template

Hello.

We do not have such templates at Clavister, but perhaps some of the other forum users has one :D

Best regards
/Peter
by Peter
29 Sep 2008, 17:13
Forum: SG Discussions
Topic: Problem with Checkpoint VPN client
Replies: 2
Views: 3799

Re: Problem with Checkpoint VPN client

Hello. If you are absolutely sure that you are using Service=All, that should be enough. Service=All includes all TCP/UDP/ICMP + all IP protocols (255). In other words... everything. Also make sure that this particular rule triggers correctly, you can use "rule -v" in the console (8.90 and older) to...
by Peter
22 Sep 2008, 12:00
Forum: SG Discussions
Topic: State inspector not open new connection
Replies: 4
Views: 6046

Re: State inspector not open new connection

This question was sent to both CFW users and the forums, Andreas Scholz was kind enough to offer a few suggestions on how to solve this so i'm adding his response. /Peter Hi, you have two possible solutions: 1. add an network route for LAN1 to your Internet Server ( on windows machine: "route add 19...