[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] RE: PPTP thru FW1
Hi,
I have try the same thing but i was able to do PPTP
through FW1 without NAT!
BUT there is a problem, i was only able to browse our
internal web server and I cant access our email
server.
What am I missing?
If you have any advice, it will be very much
apprepricated.
Cheers,
Ivan More
--- Naresh Narang <[email protected]> wrote:
>
> I am sorry for sounding so foolish. I have set up
> static and Hide NATs
> already. Actually I meant whenever I try to add a
> service with gre protocol
> in the NAT rule (whether in a package or alone)
> Mgmt. console says this
> service is not allowed for NAT.
>
> Thanks
> Naresh
>
>
> >From: Michael Tench <[email protected]>
> >To: Naresh Narang <[email protected]>,
> [email protected],
> >[email protected]
> >Subject: Re: [FW1] RE: PPTP thru FW1
> >Date: Tue, 1 May 2001 12:35:30 -0700 (PDT)
> >
> >To perform a manual static nat:
> >
> >Use the policy editor:
> >1) Create object "foo"
> >2) Create an object called "foo-external"
> >3) Click on the tab labeled "address translation"
> >4) Add a rule in the address translation policy
> original packet section
> >with
> >a source of object foo to destination of any. In
> the translation section
> >enter a source of foo-external and destination of
> any.
> >5) Add another rule in the address translation
> policy original packet
> >section with a source of object any and a
> destination of object
> >foo-external. In the translation section enter a
> source of any and a
> >destination of foo.
> >6) On the firewall create a route from foo external
> to foo. (In other
> >words,
> >Unix...route add 192.168.16.5 10.2.1.3 1
> >
> >You can also do this automatically, but I foind
> that it is easier to do
> >this
> >manually if you operate a number of firewalls.
> >
> >Michael Tench
> >
> >
> >On Tue, 01 May 2001 05:44:35 , Naresh Narang wrote:
> >
> > >
> > > But how does one perform static or any NAT.
> Mgmt console does not let
> >me
> >do
> > > it.
> > >
> > > Naresh
> > >
> > >
> > > >From: "Carl E. Mankinen" <[email protected]>
> > > >To: "Naresh Narang"
> <[email protected]>,
> > > ><[email protected]>
> > > >Subject: RE:
> > > >Date: Sun, 29 Apr 2001 22:25:17 -0400
> > > >
> > > >Static NAT, yes PPTP works.
> > > >Hide NAT, no PPTP doesnt.
> > > >
> > > >-----Original Message-----
> > > >From:
> [email protected]
> > >
>
>[mailto:[email protected]]On
> Behalf
> >Of
> > > >Naresh Narang
> > > >Sent: Saturday, April 28, 2001 5:39 AM
> > > >To:
> [email protected]
> > > >Subject:
> > > >
> > > >
> > > >
> > > >Hi,
> > > >
> > > >I am new to this list as well as FW1. I was
> trying to setup a PDS 2100
> >box
> > > >running checkpoint smalloffice. It has vpn1
> and fw1 ver 4.1 I have
> >some
> > > >issues and it will be great if someone could
> clarify.
> > > >
> > > >1. Does FW1 allow NATing of protocol 47? I
> came across several posts
> >as
> > > >well
> > > >as on Phoneboy site it is mentioned that it
> does but it did not let me
> >do
> > > >that from Management console. Without this
> PPTPD won't work behind
> >fw1.
> > > >
> > > >2. Is it possible for SecuRemote to work from
> a NATed environment. FW1
> > > >address is real though.
> > > >
> > > >Thanks,
> > > >Naresh
> > >
>
>_________________________________________________________________
> > > >Get your FREE download of MSN Explorer at
> http://explorer.msn.com
> > > >
> > > >
> > > >
> > >
> >
>
>============================================================================
> > > >====
> > > > To unsubscribe from this mailing list,
> please see the
> >instructions
> >at
> > > >
> http://www.checkpoint.com/services/mailing.html
> > >
> >
>
>============================================================================
> > > >====
> > > >
> > > >
> > >
> > >
>
_________________________________________________________________
> > > Get your FREE download of MSN Explorer at
> http://explorer.msn.com
> > >
> > >
> > >
> > >
>
>================================================================================
> > > To unsubscribe from this mailing list,
> please see the instructions
> >at
> > >
> http://www.checkpoint.com/services/mailing.html
> > >
>
>================================================================================
> > >
> >
> >
> >Michael Tench
> >
> >
> >
> >
> >
>
>_______________________________________________________
> >Send a cool gift with your E-Card
> >http://www.bluemountain.com/giftcenter/
> >
> >
>
>
_________________________________________________________________
> Get your FREE download of MSN Explorer at
> http://explorer.msn.com
>
>
>
>
================================================================================
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
>
_______________________________________________________
Do You Yahoo!?
Get your free @yahoo.ca address at http://mail.yahoo.ca
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================