no need since there's no overlapped nat or network. I request my Partners to NAT their servers/network into IPs /subnet that I specified which is different from my local network.
I've beeb using this method on NG AI and NGX. rgds, Ali HS On 10/4/07, No Name Available <[EMAIL PROTECTED]> wrote: > Ali do you still need to modify your object.c fiel if you are doing this > in NGX. In NG one has to edit (enable_overlapping_nat) to true. > > Kind regards > > Tauseef Khan > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf Of Ali > Husen Sumantoro > Sent: 04 October 2007 01:29 > To: [email protected] > Subject: Re: [FW-1] [FW1] VPN site to site overlapping one network > > To avoid such conditions, I usually set-up a special segment reserved > for Partners encryption domains. Therefore, I will ask Partners to NAT > their servers which need to connect to my servers using subnet block > extracted from the special segment. > > This way, I could have consistent domain encryptions, routing and anti > spoofing enabled. > This setup will be useful if Partners are using private IPs for their > servers. > > rgds, > Ali HS > IT Security Analyst > Excelcomindo Pratama > www.xl.co.id > > On 10/4/07, Jose Valdivia <[EMAIL PROTECTED]> wrote: > > Hello all, I have this scenario: > > > > Lan 10.10.10.0/24(1) --- [FW](1) ------ Internet ------ [FW](2) > ------ > > Several lans, one of them 10.10.10.0/24(2), and the destination > > 192.168.1.0/24 > > > > I need to create a VPN site to site, allowing traffic from > 10.10.10.0/24(1)to > > 192.168.1.0/24, is bidirectional taffic. > > > > I have control on [FW](2). That means that any change talking about > NATs > > should be do it by me. > > > > By the way, I have others VPNs and the network 10.10.10.0/24(2), is > used on > > it. > > > > I really don't know how to set up this, I been thinking if I use the > > 10.10.10.0/24 has domain encryption on the interporable device > [FW](1), but > > I don't know how checkpoint is going to handle this. > > > > Any one has been in this situation before ? > > Regards. > > -- > > > > -- > > Jose Valdivia > > Firewall Enginner > > > > Perot Systems > > CCSA CCSE WCSA NCMA NCMP > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > This electronic message contains information from bet365 Group Limited which > may be privileged or confidential. The information is intended to be for the > use of the individual(s) or entity named above. If you are not the intended > recipient be aware that any disclosure, copying, distribution or use of the > contents of this information is prohibited. If you have received this > electronic message in error, please notify us by telephone or email > immediately. > > Activity and use of the bet365 Group Limited email system is monitored to > secure its effective operation and for other lawful business purposes. > Communications using this system will also be monitored and may be recorded > to secure effective operation and for other lawful business purposes. > > bet365 Group Limited > Registered office: Hillside, Festival Way, Stoke-on-Trent, Staffordshire, > ST1 5SH > Registered in England no. 3958393 > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
