NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] VPN between two firewalls


  • To: [email protected]
  • Subject: Re: [FW-1] VPN between two firewalls
  • From: "Paul J. Messer" <[email protected]>
  • Date: Fri, 26 Sep 2003 12:00:57 +0100
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcOEG/QQnN2rQmnpQn6UWvKAE6ReXwAAQQ9Q
  • Thread-topic: [FW-1] VPN between two firewalls

Rainer,

this sounds familiar...think it could be an ongoing "feature" of FW-1 which I came across in 4.1. Basically the illegal addresses are encrpyted..then the fw comes to nat them to their legal addresses without encryption..there was a fix for 4.1 don't know about NG, perhaps ask your support company about it / checkpoint...

Sorry I can't help further.

Paul.

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of
[email protected]
Sent: 26 September 2003 11:39
To: [email protected]
Subject: [FW-1] VPN between two firewalls


Hello,

we have two offices both with NG FP3 firewalls. We want to use encrypted
connections between the two offices. I created interoperable devices on
both offices with the same secret.

Office A has official IP addresses, office B uses NAT.

I created rules on both offices that incoming and outgoinig connections
between both firewalls shall be encrypted.

>From office A I can reach (telnet, ping) machines in office B (with 1:1
NAT) but from office B I can't communicate with office A (no telnet, no
ping). Normal connections (rules without encryption) work in both
directions.

Any idea what I did wrong? Has anyone a good documentation about
encryption and NAT?


regards
        Rainer

--
Rainer Freis                                    Leiter
Systemadministration

santix AG      Weihenstephaner Str. 4
D-85716 Unterschleissheim
Phone: (+49) 89 321506-24            Fax  : (+49) 89 321506-99

You don't know what real time-critical software is until you're
responsible for the paychecks of a battalion of heavily armed
Marines.  (somebody in alt.sysadmin.recovery)

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.521 / Virus Database: 319 - Release Date: 23/09/2003


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.521 / Virus Database: 319 - Release Date: 23/09/2003

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.