Firewall-1

Re: [FW-1] NGX and VPN-1 Edge X site-to-site setup ?

Subject: Re: [FW-1] NGX and VPN-1 Edge X site-to-site setup ?
From: Caballero Carlos <ccaballero AT BANCOMERCANTIL.COM DOT BO>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Wed, 29 Mar 2006 09:56:09 -0400
Hi,

1.- In the SmartDashboard define a new Network object: right click on Check 
Point and select new Check Point, then select "VPN-1 Edge, Embedded Gateway".

2.- Configure it like this:

        Name:  xxxxxxxxxxxxx

        IP Address: x.x.x.x "The IP address you had configured in the WAN port
                of the VPN-1 Edge box."

        VPN Enabled: Checked

        Connects as Site to Site Gateway: Selected

        Type: VPN-1 Edge X Series ( or the type of box you have there)

        Registration Key: You must generate a registration key.

        Externally Managed Gateway: It depends on you; I prefer to manage the
                box by HTTP or SSL, so I have always checked this.

3.- Press OK to create the object.
4.- Export the certificate that was assigned to the object; this is done under 
VPN, Certificate List on the properties page of the object you had created.
5.- Install this certificate on the VPN Box, under VPN on the web interface in 
the VPN Box. (You must first upgrade your box to a version 5.0.X or later, and 
synchronize the time of the box to your local time.)
6.- After that you have to configure the tunnel in the VPN Box.
7.- Then you have to create a VPN Community to handle the tunnel; there you 
have to define the participants of the tunnel.
8.- Then create a rule or set of rules like this:

Source          Destination     VPN                Service  Action  Track  Install on
==============  ==============  =================  =======  ======  =====  ================
Local Network   Remote Network  VPN Community You  ANY      accept  Log    * Policy Targets
                                Have Created
Remote Network  Local Network   VPN Community You  ANY      accept  Log    * Policy Targets
                                Have Created



The tunnel is done.



Carlos Caballero
Communications Engineer
Banco Mercantil S.A.
La Paz - Bolivia
Tel.: (591) 2 2409040 Ext.: 4441
 
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT 
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Lars-Gunnar Nihlman
Sent: Wednesday, March 29, 2006 08:13 a.m.
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] NGX and VPN-1 Edge X site-to-site setup ?

Hi
I'm new to VPN-1 Edge X devices so I don't know how to configure this
device to use a site-to-site VPN connection to my NGX R60.

The goal is to force all LAN users behind the Edge X box to pass all
communication through the NGX box via VPN.

I need some help/information on how to configure VPN in both NGX R60 and
the Edge X box.
Hope someone can help me with this.

Regards
Lars-Gunnar Nihlman

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
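
Added example, not part of the original message and not Check Point code: a simplified Python model of the rule table in step 8, showing why the VPN column must name the community when Service is ANY. The network ranges, the community name Edge_S2S and the rule names are constructed; the model assumes a rule with a community in its VPN column matches only traffic carried in that community's tunnel, and it ignores services and implied rules.

```python
import ipaddress
from collections import namedtuple

ANY = "Any"
Rule = namedtuple("Rule", "name source destination vpn service action")
# community is the VPN community whose tunnel carried the packet, None if cleartext
Packet = namedtuple("Packet", "src dst community")

LOCAL, REMOTE, COMMUNITY = "10.1.0.0/16", "192.168.10.0/24", "Edge_S2S"  # constructed

def _in(net, ip):
    return net == ANY or ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def matches(rule, pkt):
    # "Any" in the VPN column matches encrypted and cleartext traffic alike.
    vpn_ok = rule.vpn == ANY or rule.vpn == pkt.community
    return _in(rule.source, pkt.src) and _in(rule.destination, pkt.dst) and vpn_ok

def decide(rulebase, pkt):
    """First matching rule wins; return (action, rule name)."""
    for rule in rulebase:
        if matches(rule, pkt):
            return rule.action, rule.name
    return "drop", "implicit"

def audit(rulebase):
    """Names of accept rules with Service ANY that are not bound to a community."""
    return [r.name for r in rulebase
            if r.action == "accept" and r.service == ANY and r.vpn == ANY]

def build(vpn_column):
    return [
        Rule("local-to-remote", LOCAL, REMOTE, vpn_column, ANY, "accept"),
        Rule("remote-to-local", REMOTE, LOCAL, vpn_column, ANY, "accept"),
        Rule("cleanup", ANY, ANY, ANY, ANY, "drop"),
    ]

PAGE_RULES = build(COMMUNITY)   # the table from step 8
LOOSE_RULES = build(ANY)        # same rules with the VPN column left at Any

if __name__ == "__main__":
    clear = Packet("10.1.2.3", "192.168.10.5", None)
    tunneled = Packet("10.1.2.3", "192.168.10.5", COMMUNITY)
    print("tunneled, page rules :", decide(PAGE_RULES, tunneled))
    print("cleartext, page rules:", decide(PAGE_RULES, clear))
    print("cleartext, loose rules:", decide(LOOSE_RULES, clear))
    print("audit findings (loose):", audit(LOOSE_RULES))
```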
