[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] PPTP through Checkpoint



Title: Re: [FW-1] PPTP through Checkpoint
In my case, I was able to add a virtual interface on the server with the routable IP and use static host routes to “pass it on down the line”.
Bill

On 9/30/02 9:20 PM, "Ryan Realivasquez" <[email protected]> wrote:

How do I get away from NAT while behind a Checkpoint 4.1 firewall?  I am currently using Static NAT to translate a routable IP to the server's internal IP.   Is there another way than that?  

Thanks,

Ryan
-----Original Message-----
From: Bill Husler [mailto:[email protected]]
Sent: Monday, September 30, 2002 7:58 PM
To: Mailing list for discussion of Firewall-1 <[email protected]>; Ryan Realivasquez
Subject: Re: [FW-1] PPTP through Checkpoint

I did some testing with PPTP and never got it to work in combination with NAT. When I removed NAT, it worked fine.
Bill

On 9/30/02 6:46 PM, "Ryan Realivasquez" <[email protected]> wrote:

I am using Checkpoint 4.1  and I am trying to setup a PPTP VPN server using Win 2000.  I have opened up the proper ports as well as the GRE IP protocol 47 in the firewall.   For some reason though, I will connect to the server and the client will attempt to login, but I get an error 721 on the win 2000 vpn client.    I have read where this error can indicate that GRE traffic is not getting through, but I used the PPTP test tool that is on the Win2000 server CD and it says that GRE traffic is getting through.  Any ideas?  I am using a Static NATted Win 2000 server, and a win 2000  pro client.

Thanks,

Ryan