Re: [FW-1] VPN and Router Access List

[Ray]

Correct. As long as the router is between the firewalls, it will only see 
the tunnel because it's not decrypting the traffic contained within the 
tunnel.

Are you sure the tunnel is up? Can you ping the next hop router on the 
internal networks from the far side? If not, can you ping the internal 
interface of the other firewall (after you have set up a rule to allow it)?

Ray

From: "Adeoba, Adetutu" <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1              
<FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] VPN and Router Access List
Date: Fri, 10 Jun 2005 08:27:09 +0100

The router is on our side between the firewall, so traffic hits the router
before getting to the firewall. The 868 is the port the telnet session has
to use for connection.

So does this mean I will not have to expressly write a statement to say
allow private network through for the private addresses as everything takes
place within the tunnel.?

Thanks

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================