User`s guide
Release Notes Resolved Issues from the Last Release
Release 3.5 Enhanced Support for VPN Clients
Rel. 3.5 Release Notes Page 27 of 30
9. Configuration - the Phase II Security Action.
– Click the Green Encrypt icon under the Action heading.
– Select Edit to Configure.
– Select IKE, and then click Edit.
– Select Encryption + Data Integrity (ESP).
– Set the the Encryption Algorithm = 3DES.
– Set Date Integrity = SHA1.
– Set Allowed Peer Gateway = External ANG-1102 Gateway (configured in
Step 4).
– Click OK.
NOTE
The ANG-1102 supports the following values in Peer-to-Peer Mode.
- Encryption = 3DES & DES
- Data Integrity = SHA1 & MD5
- PFS = Group 1 or No PFS
10. After configuring the Checkpoint device, select Policy > Install on the
Checkpoint menu to enable the changes.
Resolved Issues from the Last Release
The following issues have been resolved since the 3.2 release of Aurorean system
software:
! IKE Site-to-Site tunnels will not authenticate with RADIUS. Bug # 3202.
! Unknown users have disappeared from the tunnel server. Bug # 3320.
Known Issues With This Release
The following issues were identified in previous releases of Aurorean system
software:
ANG-1100
! Web Config Fails to Bar More Than 1 ANG-1100 Tunnel to Same
ANG-3000/7000
Web Config does not enforce the functional limitation of one tunnel only from
an ANG-1100 to the same ANG-3000/7000. Bug # 3728.
! ANG-1100 Web Config Session Does Not Timeout
Web Config sessions on the ANG-1100 do not time out after running for 24
hours. The session should close after a default period of inactivity. Bug # 3271.
ANG/APS-3000/7000
! SecurID Authentication Not Verified for Native Clients Over EAP