CheckPoint supports it AFAIK but home NAT devices (Linksys, Netgear, etc.) don't always support it. Depends on the firmware version. Other firewalls may also get in the way if you are originating from inside another firewall.
-- Jon Allingham Director, IVT Leapstone Systems -----Original Message----- From: Brian A. Bohanna [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 10, 2003 5:34 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] VPN Question Hmmm, SO then I can have as many IPSec tunnells connecting to my gateway from the outside originating from the same source IP? ___________________________ Brian Bohanna Sr. Consultant [EMAIL PROTECTED] Phone: (302) 656-6050 ext. 263 Fax: (302) 656-6058 Cell: (609) 501-2902 -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Crist Clark Sent: Wednesday, December 10, 2003 4:54 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] VPN Question "Brian A. Bohanna" wrote: > > Real quick one. > > I am assuming the answer is no (based on networking 101) but is there > an option to allow several Secure Remote clients to creat tunnells to > a single gateway originating from a single IP. I have a client who > wishes to have 4 people behind their firewall (unknown vendor) aceess > my VPN gateway. Well, networking 101 says that this is possible if we are talking IPsec tunnels. For each tunnel the <src IP, dst IP, proto, SPI> quadruplet must be unique. Given that the SPI is a 32-bit integer, you can have a lot more than 4 hosts behind it. This is just the kind of situation that UDP/TCP encapsulation schemes of IPsec is for, so I would _assume_ VPN-1 can deal, but I do not know for sure. -- Crist J. Clark [EMAIL PROTECTED] Globalstar Communications (408) 933-4387 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact [EMAIL PROTECTED] ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
