Hello
I am facing problems while setting up a Netscreen VPN box behind
CheckPoint firewall.
Netscreen client will establish VPN tunnel with Netscreen box.
I have identified the "port" (12289) and "protocol" (50 IPv6-Crypt
Encryption Header) used by Netscreen for this purpose.
Although I have allowed all services from any source to reach the
Netscreen box, I have observed that CheckPoint is blocking the
replies back to the VPN client.
If I set "no security policy" on the internal interface, "Any" on
the external interface, and set the
rule base direction "inbound", the tunnel is established. But in
this way Firewall is not checking
the packets originating from the "internal network" and the replies
for the established sessions.
Is there any better way of doing this?
Regards
Vijay