[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN via NAT
You'll have overlapping encryption domains which will cause failure. Move the client to a different network address space, as was suggested. Chris -----Original Message----- From: Rocky Stefano To: RBHATIA; Firewall 1 Mailing list (E-mail) Sent: 8/31/01 11:35 PM Subject: RE: [FW1] VPN via NAT Can't you just change the user's addressing to use a 192 range? Most soho firewall products already choose a 192 address anyways. -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of RBHATIA Sent: August 31, 2001 2:36 PM To: Firewall 1 Mailing list (E-mail) Subject: [FW1] VPN via NAT I had a question. We are trying to get a user to access our internal network via VPN. That user is on a DSL connection and has the VPN software installed. Her DSL router is configured with NAT which uses a dhcp pool to assign an IP to the machines on the internal LAN - her internal interface address is a non routable private 10.0.0.0 network , her personal computer's IP address is 10.0.0.2 and NAT is being used to mask the private IP and make it routable via a public IP. However, our company LAN is also using the same private non routable 10.0.0.0 range. How will her VPN connection get activated when she tried to access a resource that is on our network. That is our problem...the VPN connection never kicks off since it assumes that all network objects that have the same destination network address are on her local LAN and does not get across the router. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|