Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] IP Masquerading

To: [email protected]
Subject: [FW1] IP Masquerading
From: Bill Rogers <[email protected]>
Date: Tue, 26 Dec 2000 13:42:26 -0800
Sender: [email protected]

HISTORY:

A company we just bought out has a linux firewall that does IP Masquerading.
This allows them to VPN out from behind their firewall without setting up
NAT's for each connection.  They were recently in-house and were complaining
about how they weren't able to VPN into their home office to check email.
That they should have OWA (outlook web access) setup is regardless.  

QUESTION:

is it possible to set up a generic rule allowing VPN access from the Vlan to
VPN servers on he internet without setting up a NAT for each computer
requesting a connection?

EXAMPLE:

computer: testcomputer.blah.com  
IP:  172.25.1.75 (Vlan)

This workstation needs to connect to a VPN server on the internet.  Does it
need a NAT?  is there a generic rule I can setup that will encompass a whole
vlan?


Origin                  Dest               Service             Action

internalVlan          VPNServers       pptp                Accept




Thanks in advance
Bill

P.s.  we are currently using version 4.0 of firewall-1 on a NT4.0 platform.


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Telnet rejecting by drop rule
Next by Date: RE: [FW1] 4.1-SP3 VPN problems!
Previous by thread: [FW1] Telnet rejecting by drop rule
Next by thread: [FW1] SMTP-Security-Server vulnerable to relaying
Index(es):
- Date
- Thread