Cisco
--
Questions
--
Followers
Top Experts
site to site VPN between Cisco ASA 5520 and checkpoint
Hi All,
 I need an urgent help in configuring vpn site to site between asa 5520 and checkpoint  FW in another  country
Remote county details:
Gateway: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 10.10.20.1
Encryption Domain(s): Â Â Â Â Â Â Â Â Â 192.230.230.200
                        Â
Â
Â
VPN traffic direction ( from my cisco asa 5520 to other country checkpoint )
Source                    Destination              Service
62.62.10.1 Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 192.230.230.200 Â Â Â Â Â Â Â Â Â FTP
                  Â
                        Â
 Below Configuration parameters sent by checkpoint administrator
Â
Encryption Scheme defined:
Â
Â
Phase 1 Encryption Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â 3DES
Phase 1 Hash Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â MD5
Phase 2 Encryption Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â 3DES
IKE &Â IPSEC Hash Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â SHA1
DH Group: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Diffie Hellman Group 2
Security Association (SA) timers
Renegotiate IKE SA every                 64800 seconds ( 18hrs)
Renegotiate IPSEC SA every               3600 seconds
Aggressive Mode: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â No
Support Perfect forward Secrecy: Â Â Â Â Â Â Â Â Â Â YES
Shared Secret: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â ************
Gateway: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 62.62.10.1
please advise whats the asa 5520 configuration to be done from my side to connect to their checkpoint, i have tried creating site to site using cisco ASDM but still unable to connect, is there any specific config for checkpoint to work.. please advise
 I need an urgent help in configuring vpn site to site between asa 5520 and checkpoint  FW in another  country
Remote county details:
Gateway: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 10.10.20.1
Encryption Domain(s): Â Â Â Â Â Â Â Â Â 192.230.230.200
                        Â
Â
Â
VPN traffic direction ( from my cisco asa 5520 to other country checkpoint )
Source                    Destination              Service
62.62.10.1 Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 192.230.230.200 Â Â Â Â Â Â Â Â Â FTP
                  Â
                        Â
 Below Configuration parameters sent by checkpoint administrator
Â
Encryption Scheme defined:
Â
Â
Phase 1 Encryption Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â 3DES
Phase 1 Hash Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â MD5
Phase 2 Encryption Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â 3DES
IKE &Â IPSEC Hash Method: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â SHA1
DH Group: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Diffie Hellman Group 2
Security Association (SA) timers
Renegotiate IKE SA every                 64800 seconds ( 18hrs)
Renegotiate IPSEC SA every               3600 seconds
Aggressive Mode: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â No
Support Perfect forward Secrecy: Â Â Â Â Â Â Â Â Â Â YES
Shared Secret: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â ************
Gateway: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 62.62.10.1
please advise whats the asa 5520 configuration to be done from my side to connect to their checkpoint, i have tried creating site to site using cisco ASDM but still unable to connect, is there any specific config for checkpoint to work.. please advise
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Hi Arnold
my local ip range is 192.168.14.x/24 and the remote I have only one IP 192.230.230.200 FTP
I'm using ASDM.
my local ip range is 192.168.14.x/24 and the remote I have only one IP 192.230.230.200 FTP
I'm using ASDM.
SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
192.230.230.200 Â is the local IP in the other country, their WAN is 10.10.20.1.
192.168.14.x/24 Â is my local network and my WAN interface is 62.62.10.1
192.168.14.x/24 Â is my local network and my WAN interface is 62.62.10.1
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
Cisco
--
Questions
--
Followers
Top Experts
Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).