Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Vedr.: [FW-1] VPN between two firewalls

To: [email protected]
Subject: [FW-1] Vedr.: [FW-1] VPN between two firewalls
From: Lars Schmidt-Petersen <[email protected]>
Date: Fri, 26 Sep 2003 13:31:30 +0200
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Only thing I can think of, is that u need to have your nat address in your 
crypto domain on NG.
ei. your crypto rules must have the nat address, in the rule, to accept 
the trafik.
Packets seems to be nat'ed before they are entering the crypto rule.

This wasnt nessesary on 4.1 ....
____________________________________________________

Med venlig hilsen  /  Best regards
Lars Schmidt-Petersen                              Tlf. : +45 74 33 53 42
Sønderjyllands Amt - edb-kontoret        e-mail : [email protected]
Skelbækvej 2
6200 Aabenraa
____________________________________________________





[email protected]
Sendt af: Mailing list for discussion of Firewall-1 
<[email protected]>
26-09-2003 12:39
Besvar venligst til Mailing list for discussion of Firewall-1
 
        Til:    [email protected]
        cc:     (bcc: Lars Schmidt-Petersen/ØkAfd/SjA)
        Vedr.:  [FW-1] VPN between two firewalls


Hello,

we have two offices both with NG FP3 firewalls. We want to use encrypted
connections between the two offices. I created interoperable devices on
both offices with the same secret.

Office A has official IP addresses, office B uses NAT.

I created rules on both offices that incoming and outgoinig connections
between both firewalls shall be encrypted.

>From office A I can reach (telnet, ping) machines in office B (with 1:1
NAT) but from office B I can't communicate with office A (no telnet, no
ping). Normal connections (rules without encryption) work in both
directions.

Any idea what I did wrong? Has anyone a good documentation about
encryption and NAT?


regards
        Rainer

--
Rainer Freis                                    Leiter
Systemadministration

santix AG      Weihenstephaner Str. 4
D-85716 Unterschleissheim
Phone: (+49) 89 321506-24            Fax  : (+49) 89 321506-99

You don't know what real time-critical software is until you're
responsible for the paychecks of a battalion of heavily armed
Marines.  (somebody in alt.sysadmin.recovery)

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Follow-Ups:
- [FW-1] NTP problem Nokia NG-AI
  - From: Sunjo <[email protected]>

References:
- [FW-1] VPN between two firewalls
  - From: [email protected]

Prev by Date: [FW-1] SecuRemote: after reboot user must authenticate two times
Next by Date: Re: [FW-1] VPN between two firewalls
Previous by thread: [FW-1] VPN between two firewalls
Next by thread: [FW-1] NTP problem Nokia NG-AI
Index(es):
- Date
- Thread