| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] RE: PPTP thru FW1
I am sorry for sounding so foolish. I have set up static and Hide NATs
already. Actually I meant whenever I try to add a service with gre protocol
in the NAT rule (whether in a package or alone) Mgmt. console says this
service is not allowed for NAT.
Thanks
Naresh
From: Michael Tench <[email protected]>
To: Naresh Narang <[email protected]>, [email protected],
[email protected]
Subject: Re: [FW1] RE: PPTP thru FW1
Date: Tue, 1 May 2001 12:35:30 -0700 (PDT)
To perform a manual static nat:
Use the policy editor:
1) Create object "foo"
2) Create an object called "foo-external"
3) Click on the tab labeled "address translation"
4) Add a rule in the address translation policy original packet section
with
a source of object foo to destination of any. In the translation section
enter a source of foo-external and destination of any.
5) Add another rule in the address translation policy original packet
section with a source of object any and a destination of object
foo-external. In the translation section enter a source of any and a
destination of foo.
6) On the firewall create a route from foo external to foo. (In other
words,
Unix...route add 192.168.16.5 10.2.1.3 1
You can also do this automatically, but I foind that it is easier to do
this
manually if you operate a number of firewalls.
Michael Tench
On Tue, 01 May 2001 05:44:35 , Naresh Narang wrote:
>
> But how does one perform static or any NAT. Mgmt console does not let
me
do
> it.
>
> Naresh
>
>
> >From: "Carl E. Mankinen" <[email protected]>
> >To: "Naresh Narang" <[email protected]>,
> ><[email protected]>
> >Subject: RE:
> >Date: Sun, 29 Apr 2001 22:25:17 -0400
> >
> >Static NAT, yes PPTP works.
> >Hide NAT, no PPTP doesnt.
> >
> >-----Original Message-----
> >From: [email protected]
> >[mailto:[email protected]]On Behalf
Of
> >Naresh Narang
> >Sent: Saturday, April 28, 2001 5:39 AM
> >To: [email protected]
> >Subject:
> >
> >
> >
> >Hi,
> >
> >I am new to this list as well as FW1. I was trying to setup a PDS 2100
box
> >running checkpoint smalloffice. It has vpn1 and fw1 ver 4.1 I have
some
> >issues and it will be great if someone could clarify.
> >
> >1. Does FW1 allow NATing of protocol 47? I came across several posts
as
> >well
> >as on Phoneboy site it is mentioned that it does but it did not let me
do
> >that from Management console. Without this PPTPD won't work behind
fw1.
> >
> >2. Is it possible for SecuRemote to work from a NATed environment. FW1
> >address is real though.
> >
> >Thanks,
> >Naresh
> >_________________________________________________________________
> >Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> >
> >
>
>============================================================================
> >====
> > To unsubscribe from this mailing list, please see the
instructions
at
> > http://www.checkpoint.com/services/mailing.html
>
>============================================================================
> >====
> >
> >
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>
>
================================================================================
> To unsubscribe from this mailing list, please see the instructions
at
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
>
Michael Tench
_______________________________________________________
Send a cool gift with your E-Card
http://www.bluemountain.com/giftcenter/
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
