Re: [FW-1] Problems Configuring Site-to-Site VPN

Subject:	Re: [FW-1] Problems Configuring Site-to-Site VPN
From:	fwguru <fwguru AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 22 Dec 2006 14:22:17 -0500

Make sure that you have Hub Mode enabled on the vpn client and enable hub
mode on the gateway.  all traffic from the client will travel thru the
tunnel.  once received, the firewall's routing table will handle the rest.

Neil Delacruz


On 12/21/06, Brooks, George CTR <George.Brooks AT ssp.navy DOT mil> wrote:


I am trying to configure a Site-to-Site VPN on a Nokia IP380 running
Checkpoint R55.  I want to allow user from the Internet that need to go
to a particular subnet to go through my external firewall interface.
This traffic should go through the tunnel to a NetScreen firewall.



I believe that I have everything configured.  The tunnel seems to be
established.  However, when I sit outside my firewall and try to get to
the internal network, the checkpoint firewall seems to try to send the
data down the network directly instead of through the tunnel.  I feel
that I am missing something.



Thanks,

George Brooks

BAE Systems @ Strategic Systems Programs

703-601-9146




=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Problems Configuring Site-to-Site VPN, Brooks, George CTR Re: [FW-1] Problems Configuring Site-to-Site VPN, pkc_mls Re: [FW-1] Problems Configuring Site-to-Site VPN, fwguru <= Re: [FW-1] Problems Configuring Site-to-Site VPN, Chris H Re: [FW-1] Problems Configuring Site-to-Site VPN, Ali HS

Previous by Date:	[FW-1] Port Scan(sweep scan) traffic blocking, P.V.Sankar
Next by Date:	[FW-1] Blocking Port Scan packets, P.V.Sankar
Previous by Thread:	Re: [FW-1] Problems Configuring Site-to-Site VPN, pkc_mls
Next by Thread:	Re: [FW-1] Problems Configuring Site-to-Site VPN, Chris H
Indexes:	[Date] [Thread] [Top] [All Lists]