[vpn-help] Shrew (debian lenny) to Checkpoint NGX R65

Luca Arzeni l.arzeni at gmail.com
Sat May 1 12:16:34 CDT 2010


Hi there,
I'm trying to connect a client (debian lenny) with a checkpoint firewall NGX
R65.
I can connect with a securemote client from a window XP client to a network
behind the firewall.
The same connection fails under linux, using Shrew.

I followed the instructions on the shred site, with one difference: I'm
using a mutual RSA authentication (I have no password... anyway the
administrator of the firewall says that he cannot set any password on the
firewall, so this should be correct).
I use the DN of the certificates as id of the client and of the firewall.

The connection fails after phase1, complaining that peer received a
MALFORMED-PAYLOAD.

I must say that I have no firewall certificate, tha admin says that he has
no knowledge of a FW certificate. In the securemote client, I extracted a
certificate from the cert(:xxx) string but it's the certificate of the ca,
and I'm using that one as certificate for the other endpoint.

Is there anyone that has successfully connected from a linux client to a
check point NGX R65?

Any hint will be accepted.

Thanks, larzeni
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shrew.net/pipermail/vpn-help/attachments/20100501/2e4490ca/attachment.html>


More information about the vpn-help mailing list