[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] SecuRemote & UDP Encapsulation
- To: [email protected]
- Subject: Re: [FW-1] SecuRemote & UDP Encapsulation
- From: Hal Dorsman <[email protected]>
- Date: Tue, 4 Dec 2001 09:48:20 -0700
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcF8pNlj5KRHZqEnS+CBAyXi+XtDqwAO+UJw
- Thread-topic: [FW-1] SecuRemote & UDP Encapsulation
Title: SecuRemote & UDP Encapsulation
Hi, I have a
problem with Securemote users that try to connect to the LAN while they are
connected to a private network at home that have the same IP range as the LAN,
or using ADSL line with the same properties.
I read about the UDP Encapsulation solution in
Checkpoint SP2 manual. My Q are : Did
anyone implemented this solution ? Does it work ? Is the only thing that I
should do is to edit the Objects.C file ?
Thanks [Hal Dorsman]
You
are talking about two different things. The UDP encapsulation is for
forcing IPSec past a NAT router.
You
cannot access an internal LAN from another network with the same addressing,
as this would violate
basic
routing principles. Checkpoint does have a work around for this.
"Enable IP Pool NAT for SecuRemote
Connections" in the IP Pool NAT tab of
Properties.
Hal
Eitan Lugassi
<http://www.camelot.com>
Network Secure. Go Play
|