Re: [FW-1] VPN problem when deployed behind router (static NAT)

Subject:	Re: [FW-1] VPN problem when deployed behind router (static NAT)
From:	cisco4ng <cisco4ng AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 27 Sep 2006 05:38:00 -0700

I asked this same question a couple months ago and Gary Scott was kind enough
  to send a pdf file that explained all this.  Garry, can you resend the link?  
Thanks.
   
  cisco4ng

Juniman Kasman <juniman AT GMAIL DOT COM> wrote:
  Hi All,

I am going to configure VPN on CP FW-1 NGX.
I configure Private IP (192.168.x.x) on Nokia/CP and then that IP is NAT-ted
to Public IP by router using Static NAT.

192.168.x.x <---NAT---> 202.x.x.x
NOKIA-----------------------ROUTER---------------------INTERNET / VPN-users
(SecureClient)
CP

The results is VPN connection is failed on phase I.
if someone have deployed VPN in such a scenario, please advice.
is it best practise design?
Any relation with Tunnel & Transport mode?

Please advice

-- 
Juniman Kasman
Security Consultant

PT Packet Systems Indonesia
(a member of DMX Technologies)
Phone : +62 21 577 0777
Fax : +62 21 577 0222
Mobile : +62 816 965689
Email : juniman.kasman AT packet-systems DOT com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


                
---------------------------------
Do you Yahoo!?
 Everyone is raving about the  all-new Yahoo! Mail.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] VPN problem when deployed behind router (static NAT), Juniman Kasman Re: [FW-1] VPN problem when deployed behind router (static NAT), cisco4ng <=

Previous by Date:	[FW-1] VPN problem when deployed behind router (static NAT), Juniman Kasman
Next by Date:	Re: [FW-1] Trial License Expired, Juniman Kasman
Previous by Thread:	[FW-1] VPN problem when deployed behind router (static NAT), Juniman Kasman
Next by Thread:	[FW-1] Cisco easy VPN vs Safe@office, Martín Alcalá Rubí
Indexes:	[Date] [Thread] [Top] [All Lists]