[FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT

Subject:	[FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT
From:	Bertrand KLOTZ <bklotz AT GFI DOT FR>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 28 Jun 2006 18:42:21 +0200

Hi,

did you

- add the line fw_pptp_enforce_protocol=1  in the
$FWDIR/modules/fwkern.conf file
- declare the pptp_tcp service with type PPTP_TCP

Bertrand





Sascha Picchiantano <sascha AT PICCHIANTANO DOT DE>@AMADEUS.US.CHECKPOINT.COM> 
le
28/06/2006 17:49:04

Veuillez répondre à Mailing list for discussion of Firewall-1
       <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>

Envoyé par :      Mailing list for discussion of Firewall-1
       <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>


Pour : FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc :

Objet :     Re: [FW-1] PPTP/HIDE NAT


Hi,

I was just trying to set this up and regarding to Checkpoint's notes on
their website, we need to have R55 HFA10 or above to make this work. We
have
HFA17 but it doesn't work. When the client behind FW1 tries to initiate the
PPTP connection to an outside VPN system, that system tries to make a
connection back to our Hide-NAT address using IP protocol 47. FW1 drops
that.

Any idea what I might be doing wrong?

Thanks for your help!

Sascha

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [FW-1] PPTP/HIDE NAT, Sascha Picchiantano [FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT, Bertrand KLOTZ <= Re: [FW-1] PPTP/HIDE NAT, Reinhard Stich Re: [FW-1] PPTP/HIDE NAT, Sascha Picchiantano [FW-1] Réf. : Re: [FW-1] PPTP/HIDE NAT, Bertrand KLOTZ Re: [FW-1] PPTP/HIDE NAT, cisco4ng

Previous by Date:	Re: [FW-1] IP350 NGX Memory Utilization, Lino Eduardo Avila Rodríguez
Next by Date:	Re: [FW-1] PPTP/HIDE NAT, Reinhard Stich
Previous by Thread:	Re: [FW-1] PPTP/HIDE NAT, Sascha Picchiantano
Next by Thread:	Re: [FW-1] PPTP/HIDE NAT, Reinhard Stich
Indexes:	[Date] [Thread] [Top] [All Lists]