[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] NAT router at Firewall endpoint
Hi All, I am trying to configure VPN's when the DSL router at the Firewall end does NAT, which can't be disabled. The closest I have got is with SecurRemote Authenticating, but no encrypted traffic passing. Any and all documentation I have found on either the SecureKnowledge site or phoneboy.com refers to NAT being at the client end, but nothing about NAT at the Firewall end. I believe this is more than just opening UDP/500 and Protocol 50 through the DSL router, but am not sure what. I'm trying to avoid UDP encapsulation as I also need to setup a Firewall to Firewall VPN which will involve a DSL NAT'ing device. We do have the Gateway IP as that of the DSL, so it can at least find it's way there, and the encryption domain is if the internal LAN, but I'm thinking the problem maybe that the address the firewall gives out, is not the same as the client sees and the client is noticing this and rejecting. Any pointers to doc's or gotchas would be greatly appreciated as nearly everyone I've talked to says this can't be done, or those who say it can be can't tell me how. Cheers, Steve Rielly Security Engineer Extranet Technologies Limited Level 3, 60 Cook St, Auckland, New Zealand P.O. Box 7726, Wellesley Street, Auckland, New Zealand Ph: +, Mob: 025 835530 Fax: +================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|