NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Point-to-Point VPN



Hi,

Please excuse the crude ASCII diagram:

                 ------------
                 |          |
                 | Internet |
    |------------|          |------------
    |            ------------           |
    |                                   |
    |                                   |
----------                          ----------
|        |                          |        |
| Corp   |                          | Remote |
|        |                          |        |
----------                          ----------
     |                                  |
   <Cisco Router>                    <Cisco Router>
     |                                  |
     |----------<Private T-1>-----------|


I'd like to setup a VPN as failover for the private T-1.  However, I don't
want traffic encrypted over the T-1.  So far, the advice I've been given is
to setup a VPN rule and disable it until needed.  But, this doesn't exactly
meet my needs since it requires a manual step to initiate the failover.

I'm using a distributed setup with the FW-1/VPN-1 NG FP1 products running on
Nokia boxes and the management station running on a Windows 2000 server.  I
can't use the IPSec tunnels that are part of the Nokia boxes unless I want
to change my SecuRemote users to FW-1 encryption, which I'd also, rather not
do since Checkpoint seems to be downplaying the protocol in favor for IPSec.
And, I also don't want to replace the Nokia boxes or put a server in between
it and the rest of the network as a new default gateway.

Seems like I'm being picky doesn't it? ;)  But, if it was a different
firewall/VPN product that didn't use encryption domains, it'd be easy.  I
like Checkpoint but I'm having difficulty finding a solution to this
problem.

Thanks for any help,

Robert

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.