How do you have the remote gateway object defined? If you have it defined as a VPN object then your gateway gets an IKE packet from the remote end and tries to process it as if where a VPN peer, this object should be defined as a host. Also to note, if you are doing hide nat with the internal VPN device both ends must agree to do NAT-T or other type of encapsulation, or you could static NAT the internal host to get ESP working.
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of pkc_mls Sent: Monday, February 25, 2008 9:47 AM To: [email protected] Subject: Re: [FW-1] ike and NAT Scott Tobias a écrit : > Have you tried setting the link selection on the insides firewall to use the > NAT address ? > > the firewall is not part of this vpn, so the link selection is not relevant. it should only pass and NAT ike traffic before check for a vpn definition. > -Scott > Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
