What is the best way to setup a site to site tunnel between an NG AI R55 box and an Edge X appliance?
Some key points about the R55 box: - Running on SecurePlatform - Head office - Static NAT configuration (10.1.1.x) - All public addresses are static - version R55 HFA 04 Some key points about the Edge appliance: - Self managed (not managed by the R55 box) - Remote office - NAT configuration (192.168.20.x) - DHCP external but always receives the same IP - version 4.0.93x So far I have tried many combinations without success. Example1: - created an externally managed "VPN-1 Edge" object - the Edge VPN-domain topology set as "this gateway" - attached to a Star communitity - the policy always fails if a rule references anything to do with VPN??? Example2: - created an externally managed "Checkpoint Gateway" object - tunnel connects allowing the Edge to access 10.1.1.x addresses based on R55 policy - any attempt to access any Edge address (192.168.20.x) fails with an error regarding "unknown peer" I have also tried remote access configurations but could never get a valid policy to work. Perhaps I have missed something completely. We had this problem with FP3 before we upgraded and we still have it with R55. Any ideas or suggestions are welcome!! ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
