[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] VPN to firewall behind NAT
I think, there are a lot of problems when you change the source IP addres during the NAT process (try it without the AH phase) -----Mensaje original----- De: Nico De Ranter [mailto:[email protected]] Enviado el: 17 diciembre 2001 16:51 Para: [email protected] Asunto: [FW-1] VPN to firewall behind NAT Howdy, quick question: is it possible to set up a VPN using Checkpoint VPN-1 NG (FP1) with a firewall that is behind a router doing NAT? i.o.w: fw (e.g. 1.2.3.4) <--> (e.g. 5.6.7.8) NAT router (e.g. 10.0.0.1) <--> fw (e.g. 10.0.0.2) Is this possible using IKE and IPsec? I vaguely remember IPsec uses the ip-address of the firewall for some hashing so this will probably get messed up when using NAT right? Thanks in advance, Nico --------------------------------------------------------- "It has been said that there are only two businesses that refer to customers as users: illegal drug trade and the computer industry." --------------------------------------------------------- Nico De Ranter Sony Service Center (SDCE/VPE-B) Sint Stevens Woluwestraat 55 (Rue de Woluwe-Saint-Etienne) 1130 Brussel (Bruxelles), Belgium, Europe, Earth Telephone: +32 2 724 86 41 Telefax: +32 2 726 26 86 e-mail: [email protected] ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ********************************************************************** COLT Telecom Espana S.A. Oficina Registrada en: Telemaco, 5 28027 Madrid Tel. +34 91 789 9000 This message is subject to and does not create or vary any contractual relationship between COLT Telecommunications, its subsidiaries or affiliates ("COLT") and you. Internet communications are not secure and therefore COLT does not accept legal responsibility for the contents of this message. Any view or opinions expressed are those of the author. The message is intended for the addressee only and its contents and any attached files are strictly confidential. If you have received it in error, please telephone the number above. Thank you. ********************************************************************** ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|