Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Cisco IP-in-IP tunnel via FW-1 IKE site-2-site VPN?

To: [email protected]
Subject: [FW-1] Cisco IP-in-IP tunnel via FW-1 IKE site-2-site VPN?
From: Steve Loughran <[email protected]>
Date: Wed, 29 May 2002 16:38:43 +0100
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi all

Its been a while since I have posted here, but I have a question that I
would like to ask, so I can get response before I go too far down this
particular road.

Platform: Solaris FW-1 3DES v4.1 + updates

I looks after a small cluster of subnets that are part of a larger (and very
disjointed) WAN. I have three FW-1 units, one at each site. One of the sites
(site-A) has a local area connection to an Internal WAN that in turn
connects to the rest of the larger WAN, the other two sites (site-B and
site-C) are standalone sites. Trying to set up VPN encryption domains on the
site-A firewall to tell the other two firewalls that traffic should send
traffic through it for the larger WAN is nearly impossible (mostly due to
the fact that you cant use network ranges in encryption domains... bah!).

To manually create network objects for all the other WAN subnets would be
vastly time consuming, and a nightmare to configure and administor, so I was
was wondering if I could just do the three site VPN encryption stuff, and
run some Cisco Tunnelling at each site for the other subnets that are not
under my control.

So, my question is this: Are there any inherent problems running Cisco
Tunnels for IP only traffic via a FW-1 IKE VPN tunnel?

As always, your thoughts, feedback and help is greatly appreciated.

--

Steve

-------------------------------------------------
Steve Loughran, Network Infrastructure Manager
Sony Computer Entertainment Europe (Cambridge)
Yamaha YZF1000R Thunderace
ICQ#: 12666311 (Work), 104426046 (Laptop)
Team Waste - Where do you want to go wrong today?

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- Re: [FW-1] Cisco IP-in-IP tunnel via FW-1 IKE site-2-site VPN?
  - From: Peter Goodridge <[email protected]>

Prev by Date: [FW-1] AW: [FW-1] ques
Next by Date: Re: [FW-1] ques
Previous by thread: Re: [FW-1] AW: [FW-1] ques
Next by thread: Re: [FW-1] Cisco IP-in-IP tunnel via FW-1 IKE site-2-site VPN?
Index(es):
- Date
- Thread