Firewall Wizards mailing list archives
Re: VPN Gateway And Nat
From: Fredrik Lindström <fredrik () dunenets net>
Date: Sat, 22 Feb 2003 22:39:50 +0100
Hi, I guess you're using Check Point products (VPN-1 Pro/Net) since you say you use SecuRemote. The configuration you describe is not supported in a Check Point enviroment, the VPN Gateway must always have a public IP address. Regards Fredrik
From: LE CORVIC Y InfoEdpEtcDep <Yoann.Le-Corvic () socgen com> To: "'firewall-wizards () honor icsalabs com'"
<firewall-wizards () honor icsalabs com>
Date: Fri, 21 Feb 2003 16:44:47 +0100 Subject: [fw-wiz] VPN Gateway And Nat Hi All, I have a slight problem with a VPN configuration, and wanted to know if
you
all can help. Basically, here is the situation : PROTECTED_NET-------VPNGATEWAY --------ROUTER-----ClientSecuremote The public IP Adress of the VPN GATEWAY is natted at the ROUTER, so that
the
ClientSecuremote doesn't access the real IP Adress of the VPNGATEWAY, but one on the ROUTER. The intiation sequence works, and the authentication as well, be when the network topology is downloaded, no access is possible on servers of the PROTECTED_NET. I suspect that after topology download, the real IP Adress of the gateway
is
given to ClientSecuremote, which uses it for the remaining of the communication. Is there a way to go around that problem, or is it a lost cause... ? Thanks for your help. ************************************************************************* Ce message et toutes les pieces jointes (ci-apres le "message") sont confidentiels et etablis a l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite. Tout message electronique est susceptible d'alteration. La SOCIETE GENERALE et ses filiales declinent toute responsabilite au
titre de ce message s'il a ete altere, deforme ou falsifie.
******** This message and any attachments (the "message") are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited. E-mails are susceptible to alteration. Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall
be liable for the message if altered, changed or falsified.
************************************************************************* --__--__--
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VPN Gateway And Nat LE CORVIC Y InfoEdpEtcDep (Feb 21)
- <Possible follow-ups>
- Re: VPN Gateway And Nat Fredrik Lindström (Feb 22)
- Re: VPN Gateway And Nat Christopher Lee (Feb 24)
- Re: VPN Gateway And Nat Dave Mitchell (Feb 25)
- Re: VPN Gateway And Nat SimonChan (Feb 23)