[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Secure Remote behind NAT DSL router
I am currently having trouble getting a Windows 98 machine to connect from behind a NAT'd device. I am using 4.1 sp2 firewall that was upgraded from 4.0. I edited the objects.c file and changed the lines to :userc_NAT (true) :userc_IKE_NAT (true). The NAT'ing on the Router is a hide NAT. I am using Firewall-1 password for authentication. I have tried both IKE and FWZ for encryption. However when I select just IKE and not FWZ on the firewall, my client errors out with error in exchanging keys with firewall. I have IKE checked as an option under my firewall object VPN tab. I have also choosen pre-shared secret. My questions are 1) Exactly how do I need to setup the client to use IKE? Please include everything that I will need to perform this. Do I need IKE defined in my firewall object? If so do I choose pre-shared secret? 2) Is there anything special I need on the client in order to get this working? And finally I would like to thank those who help me in advance. Thank You, Lee Christie (CCSA) Security Engineer CorpNet Security____________________________________ trust.no.one.train.everyone surround yourself with knowledge www.corpnetsecurity.com ----------------------------------------------------------------------- NOTICE: CONFIDENTIAL COMMUNICATION This e-mail message and any accompanying files may contain information that is confidential and subject to privilege. If you are not the intended recipient, and have received the e-mail in error, you are notified that any use, dissemination, distribution, forwarding, printing or copying of the message and any attached files is strictly prohibited. If you have received this e-mail message in error please immediately advise the sender by return e-mail, or telephone, listed below. You must destroy the original transmission and its contents. Any views expressed within this communication are those of the individual sender, except where the sender specifically states them to be the views of CorpNet Security. This communication should not be copied or disseminated without permission. -------------------------------------------- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|