Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Linksys BEFSR41 or BEFVP41

To: [email protected]
Subject: Re: [FW-1] Linksys BEFSR41 or BEFVP41
From: Shawn Kearley <[email protected]>
Date: Wed, 3 Apr 2002 13:24:34 -0330
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I have experienced one problem with the Linksys BEFVP41 in my testing that you may or may not need to be aware of. The VPN set-up on the BEFVP41 allows for only a single subnet to be defined for the Encryption Domain. If the Encryption domain on your corporate firewall is made up of a group of separate subnets, then multiple individual VPNs will need to be set-up on the Linksys, one for each network in your company. In trying this however, I noticed that any time I pushed a new policy to the firewall, the Linksys would complain about the Encryption Domains for the various VPNs and the connections would go down until either, a) the Linksys was restarted, b) someone manually disconnected and reconnected the individual VPNs on the Linksys, or c) a new key was exchanged by IKE due to the expiration of the current one, which by default occurs each hour.

I do not know if this problem would be experienced or not when the encryption domains match exactly on the Linksys and Checkpoint.

Shawn

-----Original Message-----
From: CRAIG GILL [mailto:[email protected]]
Sent: April 3, 2002 11:12 AM
To: [email protected]
Subject: Re: [FW-1] Linksys BEFSR41 or BEFVP41

The BEFVP41 router is a slick router, you can use it to create a DES or 3DES vpn to a checkpoint firewall but you must have static ip addresses. If you decide you don't want the vpn just tear down the vpn connection and the router functions normally so you can use Securemote behind it to your hearts content.

Craig

-----Original Message-----
From: Faris, Craig [mailto:[email protected]]
Sent: Wednesday, April 03, 2002 9:06 AM
To: [email protected]
Subject: [FW-1] Linksys BEFSR41 or BEFVP41

Hi everyone, I was wondering if anyone has used the "VPN" version of the Linksys DSL routers for a small remote office connecting to a corporate network that uses a Checkpoint FW1/VPN (ver 4.1 on NT).

I am currently using DLink DI-704's and putting the secureremote client software on each PC. I want to try the Linksys products and I was going to just buy the "non" vpn version when I noticed the vpn product on their web page.

My goals: 1.To not have to use the SR software on each PC 2. If I buy the vpn version can I use it in non vpn mode (with software on the pc's) if the office-to-office vpn setup doesn't work out.

Thanks in advance.

Prev by Date: [FW-1] IPSO 330 routing redirect question
Next by Date: [FW-1] VP-1 to M$ tunnel?
Previous by thread: Re: [FW-1] Linksys BEFSR41 or BEFVP41
Next by thread: [FW-1] IPSO 330 routing redirect question
Index(es):
- Date
- Thread