[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [fw1-wizards] RE: [FW1] SR behind NAting device
So are you telling me that SP2 udp_encapulation does not work with NAT ?? -----Original Message----- From: Yim Lee [mailto:[email protected]] Sent: Thursday, November 30, 2000 7:04 PM To: Idan Dolev; Firewall (E-mail); Firewall_Mailing_List (E-mail) Subject: [fw1-wizards] RE: [FW1] SR behind NAting device I talked with CheckPoint and this is a known problem. Currently, there is no known fix. Yim --- Idan Dolev <[email protected]> wrote: > > some additional info : > > my network is ; > > station A-----firewall A----firewall B------station > B > > LAN A is 10.0.0.0 LAN B 11.0.0.0 between A and B is > 13.0.0.0. > I am trying from station B to get to station A. > Firewall B is hiding my station B ( HIDE NAT ) > When I do site update I can authenticated > successfully. and I see over in > firewall A log the ip address of firewall A as the > resource for the > connection. > When I try to connect to station A after the > authentication I see in > firewall A log my ORIGINAL IP of my station ????? > of course when I add a route to firewall A to my > original ip - everything > works....... > > Is the right behavior ? should I see the original ip > address of my station > ??? > > Has anybody had a good experience with sp2 and udp > encapsulation ?? > > Idan > > -----Original Message----- > From: Idan Dolev [mailto:[email protected]] > Sent: Thursday, November 30, 2000 11:39 AM > To: Firewall_Mailing_List (E-mail) > Subject: [FW1] SR behind NAting device > > > > > > > Hi guys, > > > > Well I am testing out the SR behind natted device > and it seems not to work > > for me.... > > I can download the topology just fine, and as far > as I read I should not > > make any changes, it should automatically. > > Any suggestions ? after installing sp2 the > vpn1_encapsulation is already > > defined plus the 2746 service. and I checked with > or without the force > > udp in the client > it seems fine with topology but as soon as I try to > connect I see in the > firewall log the real invalid clients address....... > > > > Idan > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please > see the instructions at > > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ============================================================================ ==== > To unsubscribe from this mailing list, please > see the instructions at > > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ --------------------------------------------------------------------- This email came from the FireWall-1 Wizards Mailing List To unsubscribe, e-mail: [email protected] For more information, email: [email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|