Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Problem with SecuRemote

To: [email protected]
Subject: Re: [FW-1] Problem with SecuRemote
From: Scott Elder <[email protected]>
Date: Thu, 7 Feb 2002 15:21:16 -0700
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

 ______________________
|Main Router at CoLo   |
|______________________|
        |
        |
 ______________
| My Switch    |
| 66.xx.xx.xx  |
|______________|
       |
       |
     12.xx.xx.xx
 ______|_________
 | My IP330      |  3 interfaces - only using 2
 |               |  12.x - Public
 |_______________|  66.x - Private
     66.xx.xx.xx
        |
        |               66.x Network
        |_______________________________________________________
                |            |               |
                |            |               |
          ____________  ___________       ___________
          |  Machine A| | Machine B|      | NAT POOL |
          | 66.x      | | 66.x     |      | 66.x     |
          ____________  ____________      ____________
                |            |                 |
                |            |                 |
         _______________________________________________________
                          192.x Network

The NAT Pool is on the same network that I am trying to VPN to.  I am using
5 address "above" the address I am using for machines.
Also, the encrypted domain on the firewall object is a network object that
also includes the addresses I am using in the NAT pool.  I'm not sure if it
makes a difference or not, but I thought I would mention it.

As you can see, I also have a private network on each of the machines.  If
it would be easier to configure my VPN for this network, I'm all for it.  I
still have one interface on the FW that I am not using.

Thanks,

-Scott

> Don,  I can get a drawing together for you later today.  Any particular
> format you are looking for?  Also, I am using Checkpoint version 4.1.
Any sort of basic diagram to help us troubleshoot would be appreciated.

-don

> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:[email protected]]On Behalf Of Don
> Sent: Wednesday, February 06, 2002 8:41 PM
> To: [email protected]
> Subject: Re: [FW-1] Problem with SecuRemote
>
>
> > When I ping the first address in my NAT pool, I get no response back.
The
> > firewall log shows the destination address of the address I am pinging,
> but
> > thats it. Nothing is being returned?
> What is the IP address of the client that you are connecting from? Is this
> address NAT'd?
>
> Can you provide a crude network diagram?
>
> Also, which version of FW-1 did you say this was?
>
> -Don
>
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- Re: [FW-1] Problem with SecuRemote
  - From: Don <[email protected]>

References:
- Re: [FW-1] Problem with SecuRemote
  - From: Don <[email protected]>

Prev by Date: Re: [FW-1] Appropriate model
Next by Date: [FW-1] problem with secure remote on win2k
Previous by thread: Re: [FW-1] Appropriate model
Next by thread: Re: [FW-1] Problem with SecuRemote
Index(es):
- Date
- Thread