[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Vedr.: [FW-1] VPN between two firewalls
Only thing I can think of, is that u need to have your nat address in your crypto domain on NG. ei. your crypto rules must have the nat address, in the rule, to accept the trafik. Packets seems to be nat'ed before they are entering the crypto rule. This wasnt nessesary on 4.1 .... ____________________________________________________ Med venlig hilsen / Best regards Lars Schmidt-Petersen Tlf. : +45 74 33 53 42 Sønderjyllands Amt - edb-kontoret e-mail : [email protected] Skelbækvej 2 6200 Aabenraa ____________________________________________________ [email protected] Sendt af: Mailing list for discussion of Firewall-1 <[email protected]> 26-09-2003 12:39 Besvar venligst til Mailing list for discussion of Firewall-1 Til: [email protected] cc: (bcc: Lars Schmidt-Petersen/ØkAfd/SjA) Vedr.: [FW-1] VPN between two firewalls Hello, we have two offices both with NG FP3 firewalls. We want to use encrypted connections between the two offices. I created interoperable devices on both offices with the same secret. Office A has official IP addresses, office B uses NAT. I created rules on both offices that incoming and outgoinig connections between both firewalls shall be encrypted. >From office A I can reach (telnet, ping) machines in office B (with 1:1 NAT) but from office B I can't communicate with office A (no telnet, no ping). Normal connections (rules without encryption) work in both directions. Any idea what I did wrong? Has anyone a good documentation about encryption and NAT? regards Rainer -- Rainer Freis Leiter Systemadministration santix AG Weihenstephaner Str. 4 D-85716 Unterschleissheim Phone: (+49) 89 321506-24 Fax : (+49) 89 321506-99 You don't know what real time-critical software is until you're responsible for the paychecks of a battalion of heavily armed Marines. (somebody in alt.sysadmin.recovery) ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|