Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Ex

Subject:	Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600
From:	Clint Leatherman <cleatherman AT TELECORPINC DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 31 Jan 2005 12:02:43 -0600

Allow inbound IPSEC to the Contivity and also set NAT traversal.  I would not 
add a public IP address to the Contivity as that would add another potential 
point of entry into your network.



Moon, Curtis wrote:

Does anyone know how to configure FW-1(R55) on Windows 2003 server and an
Nortel VPN Extranet 2600 (Contivity) on internal network, so that a Nortel
software clients(external) can pass through a FW-1 firewall and connect to a
VPN Extranet 2600 (Contivity) Gateway (internal) (see schema below)?


(1)Many Nortel VPN Clients --->Internet ---> (2)FW-1 (R55) Windows2003
---->(3)Nortel Contivity Extranet 2600 Gateway

Just want the external Nortel Clients to pass through FW-1 to the Nortel
Contivity.  If this can be done does it make sense?  Is there an advantage to
passing the ipsec traffic throught FW-1 or would it be the same as just
allowing the Nortel Extranet 2600 to have a public ip address and just let
the Nortel Clients connect directly to the Extranet 2600 and then connect it
to our internal network?

Thanks,



Curtis Moon

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Moon, Curtis Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Thomas Adams Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Clint Leatherman <= Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Seung Ha Lim Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Bergin, Rob

Previous by Date:	Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Bergin, Rob
Next by Date:	Re: [FW-1] Bypassing "CONNECT command found in HTTP request", Quick, Richard A.
Previous by Thread:	Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Thomas Adams
Next by Thread:	Re: [FW-1] Nortel VPN Extranet client through FW-1(R55) to Nortel VPN Extranet 2600, Seung Ha Lim
Indexes:	[Date] [Thread] [Top] [All Lists]