<div>
- Remote Gateway must be configured as an Interoperable device<br />
<br />
Why ? &nbsp;This is only for other IPSEC equipment, like Cisco PIX, Netscreen, Nortel etc.
</div>


- Remote Gateway must be configured as an Interoperable device

Why ?  This is only for other IPSEC equipment, like Cisco PIX, Netscreen, Nortel etc.

<div>
tim_holman is right, you just set it up as another checkpoint device, running 4.1<br />
I think there are some issues with Diffie Hellman keys, if you are using Perfect Forward Secrecy on Phase 2 IPSEC.<br />
I believe 4.1 using DH keys 2 (which you cannot change), NG defaults to DH 1 though. You can change this though to DH 2.
</div>


tim_holman is right, you just set it up as another checkpoint device, running 4.1
I think there are some issues with Diffie Hellman keys, if you are using Perfect Forward Secrecy on Phase 2 IPSEC.
I believe 4.1 using DH keys 2 (which you cannot change), NG defaults to DH 1 though. You can change this though to DH 2.

<div>
<div class="content wysiwyg-content">
I am attempting to configure Checkpoint Express Gateway to Gateway IPSEC VPN with the following parameters:<br />
<br />
- Both sites are using Checkpoint (Local: Checkpoint Express NG, remote: Checkpoint Firewall1/VPN1 4.1)<br />
- Remote Gateway must be configured as an Interoperable device<br />
- IKE and pre-shared key<br />
<br />
Is there any documentation available anywhere that would give me some detailed instructions on how this is done? &nbsp;I have attempted using documentation from Checkpoints website, but that doesn't seem to help. &nbsp;I also have the latest Checkpoint NG book (Phoneboy's) but the specific example doesn't work for me. This must be relatively simple, but I am not having much luck.
</div>
</div>


I am attempting to configure Checkpoint Express Gateway to Gateway IPSEC VPN with the following parameters:

- Both sites are using Checkpoint (Local: Checkpoint Express NG, remote: Checkpoint Firewall1/VPN1 4.1)
- Remote Gateway must be configured as an Interoperable device
- IKE and pre-shared key

Is there any documentation available anywhere that would give me some detailed instructions on how this is done?  I have attempted using documentation from Checkpoints website, but that doesn't seem to help.  I also have the latest Checkpoint NG book (Phoneboy's) but the specific example doesn't work for me. This must be relatively simple, but I am not having much luck.

Checkpoint Express Gateway to Gateway IPSEC VPN

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.