[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] SecuRemote client with unrouteable ip address
I am experiencing a problem involving an SR client with an unroutable 192.168.x.y ip address behind a Hide NAT gateway. This client can authenticate, but not connect to a server in my Encryption Domain behind a v4.0 SP7 FW-1 box. I am using ISAKMP 3DES and have followed all the Phoneboy FAQ's. I guess my basic question is can FW-1 handle the 192.168.x.y ip address it sees when it decrypts & decapsulates the ip 50 packets it receives from the SR client mentionned above? The last log message seen before things die is the below: keyinst fw >daemon proto ip src 192.168.1.3 dst ... srckeyid ... dstkeyid ... rule 0 scheme: ISAKMP methods: Combined ESP: 3DES + SHA1 (phase 2 completion) Someone must have this working out there - am I missing something simple? __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|