The PhoneBoy Blog


Simplifying Telecom, Mobile Phones, Gadgets, Health, and More!

FireWall-1 FAQ: Where did the "Encrypt" action go?

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.


I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.


If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)


In NG, the default is to create a “Simplified” policy which makes use of the new VPN Communities feature, which is supposed to make setting up a VPN easier. However, multi-vendor VPNs in FP2 and prior of FireWall-1 NG can only be set up with “traditional” encryption rules.

You will need to create a new rulebase in “traditional” style. You should be given this option upon creating a new policy. If you do not, go to Global Properties, VPN-1 Pro frame and change the VPN Configuration method to either “Traditional Mode” or “Traditional or Simplified Mode.”

No, you cannot convert a “simplified” policy into a “traditional” policy, so you will have to re-create your rulebase.

#Cybersecurity Evangelist, Podcaster, #noagenda Producer, Frequenter of shiny metal tubes, Expressor of personal opinions, and of course, a coffee achiever.