Bare in mind to establish a VPN tunnel, you must have capable devices on both ends of the tunnel. If you need to encrypt traffic betweeen two hosts located in segments to which your firrewall has interfaces, there is nothing you can do with your firewall because it is just a hop in the way traversed by that VPN.
Your firewall can be an end point of a VPN but cannot do anything, in regards of encyption for traffic just passing through. Regards On Wed, Dec 2, 2009 at 2:37 AM, a bv <[email protected]> wrote: > What is wanted is to encrypt the traffic between DMZ segment and a > machine at LAN. the trafiicc will be about database processes i guess > . I controll the fw but dont know what the people are trying to do > much. > > Regards > > 2009/12/1 pkc_mls <[email protected]>: > > a bv a écrit : > >> Hi, > >> > >> What i need to know about deploying IPSEC between DMZ network and a > >> host (o a little more) which reside on LAN? Putting the security rule > >> with some related ports will be enough to work it out or i need to > >> know and monitor more? > > Hi, > > > > why would you tunnel communication between two lans connected to the > > same device ? (did I misunderstood something ?). > > > > which kind of traffic would you like to crypt/secure ? > > > > did you check if ssl tunnel could suit your needs ? > >> > >> Regards > > > > > > Scanned by Check Point Total Security Gateway. > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > -- Sergio Alvarez +(506)88301342 Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
