How would one do the follwing: 2 VPN Sites:
[SiteA] <-IPSEC-> [Internet] <-IPSEC-> [SiteB] Site-to-site VPN is functioning fine. We have 25 secure client licenses that are only in use at SiteA. Users coming in through site A need access to information at SiteB. Currently it doesn't seem as though traffic is leaving the secureclients properly. Any ideas? We're running v4.1 SP5 on both ends. This is a pretty new install. Previously, SiteA <-> SiteB access was through an additional Cisco2621 and PIX. We just migrated off of those this weekend. Other than the secureClient not going all the way through everything else is functional. I'm not sure if the description below would help as the secureclient users don't have local routers. Nor are we doing Hub/Spoke Site-to-Site VPNs. These are all SecureClient Users. Thanks in advance (btw: I owe this list some Linksys /Wifi Configs. I haven't forgot..) MALIN, ALEX (PB) wrote: > You did get the "answer" that HUB & SPOKE can be done with a router inside > the firewall at the HUB site (see below). Assuming that this architecture > works, here's what I'd try: > > Firewall at each SPOKE site: > > Rule 1 src: local_VPN_Domain (local network) > dst: HUB_VPN_Domain (A private network address that includes ALL > SPOKE networks / NAT to IP of router at HUB site. > -- Anthony Mendoza IT & Customer Support [EMAIL PROTECTED] t: 408-585-5612 / c: 408-314-5038 p: 888-886-7205 / f: 208-247-5501 ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
