Firewall-1

Subject: [FW-1]
From: "Moon, Curtis" <moonc AT BOYSTOWN DOT ORG>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 15 Jul 2003 19:58:14 -0500
Does FW1 FP2 or FP3 support IPSec pass through?  We have 5 workstations that
need to load a VPN client (IPSec compliant) which are behind our firewall.
The VPN clients will have to connect through our firewall to a publicly
accessible VPN.  I believe this is referred to as NAT-traversal.  How would I
set up the rules to support IPSec pass through?  Would I need to make any
global changes? FW1 on a Win2k box. Thank you for your help.


This is what is working right now.

Source                  Destination          Service                        Action
intworkstation(no nat)  ExtIPSECvpn          (IPSEC and vpn1encapsulation)  accept
ExtIPSECvpn             intworkstation(nat)  (IPSEC and vpn1encapsulation)  accept

Thus, each workstation needs to be static NATed to a public IP.
Does someone have a better way of IPSEC passthrough?

Can I do IPSEC pass through and just use one public ip?

thanks,

Curtis Moon
moonc AT boystown DOT org
