If you are using NAT, there will be an additional UDP port (for NAT traversal) which I believe Cisco defaults to 10000. ----- Original Message ----- From: "Brad Rusnak" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, September 19, 2002 2:11 PM Subject: Re: [FW-1] Opening checkpoint fw-1 to for Cisco VPN
> Open up IPSEC and UDP_500 from the source IP to the cisco 3000 VPN network > side. Depending on if the source IP is NAT'd or not you need to open access > to the destination from the 3000 VPN. Also, depending with SP FW-1 is on, > there is a line (pre-SP2) that needs to be REM'd out of the On the > Management station, open the file $FWDIR/lib/fwui_head.def > 2. Find the line: > > /*#define ALLOW_NON_SYN_RULEBASE_MATCH*/ > > 3. Uncomment the line. Change it to > > #define ALLOW_NON_SYN_RULEBASE_MATCH > > > Brad Rusnak, AVP > Bank One - CIG Chicago Tech Ops > 300 S. Riverside Plaza - M/L IL1-0746 > Chicago, IL 60606 > (V) 312-954-2523 (P) 312-378-7057 > (C) 847-732-9377 (F) 312-954-1109 > [EMAIL PROTECTED] > > > > This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
