Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] LAN-2-LAN IPSEC inside IPSEC VPN?

from Ray [Permanent Link]
Subject: Re: [FW-1] LAN-2-LAN IPSEC inside IPSEC VPN?
From: Ray <sixsigma44 AT HOTMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Thu, 30 Sep 2004 08:54:30 -0400 
Check Point IPSEC traffic? If so, you're probably seeing drops on Rule 0
because of the "accept remote access traffic" implied rule. You would need
to remove that implied rule, make sure your site-to-site rule allows remote
access traffic and then create a new rule after the site-to-site rule to
accept the remore access traffic.

If I'm thinking correctly this morning, that is. :-)

Ray



From: Steve Loughran <stevelml1 AT SCEE.SONY.CO DOT UK>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] LAN-2-LAN IPSEC inside IPSEC VPN?
Date: Thu, 30 Sep 2004 08:06:35 +0100

Hi all

On NG R55, is it possible to have LAN to LAN IPSEC traffic go via site to
site IPSEC VPN? I am having a few problems with it this morning, the
firewalls at either end are dropping it because they think its firewall to
firewall IPSEC, dont understand it, and drop it.

Any clues or tips? Or will this always fail?

Steve

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


_________________________________________________________________
Don?t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] JPEG/GDI+ DLL Exploit, Philipp Müller
Next by Date:  Re: [FW-1] Site to Site VPN's and Securemote, Jose Joaquin Delgado
Previous by Thread:  [FW-1] LAN-2-LAN IPSEC inside IPSEC VPN?, Steve Loughran
Next by Thread:  [FW-1] "where Used" option grayed out, David CALLEBAUT
Indexes:  [Date] [Thread] [Top] [All Lists]