| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] NAT router at Firewall endpoint
Hi All,
I am trying to configure VPN's when the DSL router at the Firewall end does NAT, which
can't be disabled.
The closest I have got is with SecurRemote Authenticating, but no encrypted traffic passing.
Any and all documentation I have found on either the SecureKnowledge site or phoneboy.com
refers to NAT being at the client end, but nothing about NAT at the Firewall end.
I believe this is more than just opening UDP/500 and Protocol 50 through the DSL router, but
am not sure what. I'm trying to avoid UDP encapsulation as I also need to setup a Firewall to
Firewall VPN which will involve a DSL NAT'ing device.
We do have the Gateway IP as that of the DSL, so it can at least find it's way there, and the
encryption domain is if the internal LAN, but I'm thinking the problem maybe that the address
the firewall gives out, is not the same as the client sees and the client is noticing this and
rejecting.
Any pointers to doc's or gotchas would be greatly appreciated as nearly everyone I've talked to
says this can't be done, or those who say it can be can't tell me how.
Cheers,
Steve Rielly
Security Engineer
Extranet Technologies Limited
Level 3, 60 Cook St, Auckland, New Zealand
P.O. Box 7726, Wellesley Street, Auckland, New Zealand
Ph: +, Mob: 025 835530 Fax: +================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
