Sometimes you do not need a detailed log analysis, just a few simple one-liners that you can adjust without thinking too much about how they work, what you did last time, etc. The examples below are absolutely NOT optimal, but rather modular for easy line-editing.
Tag: firewalls
Encryption failure: Received a cleartext packet within an encrypted connection
Recently I stumbled upon a strange-looking site-to-site (CheckPoint R70 to Cisco VPN3k) VPN problem:
Connections from some networks were dropped with the following error:
Encryption failure: Received a cleartext packet within an encrypted connection
The first step was to check the encryption domains for the tunnel. In both the GUI and /etc/fw/conf/user.def, the encryption domain was the whole class B network assigned to the company.
The next step was tracing.
CheckPoint Firewall policy parsers and converters
- cpfw2ns – Checkpoint to Juniper converter (outdated?)
- FWdoc – CheckPoint converter, verifier, parser
- Fortinet – Checkpoint – Cisco – Netscreen converter
- Cisco Security Conversion Tool (SCT) – CheckPoint – ASA
- CPRules – CheckPoint to HTML converter