Here is the situation: a group of users inside the network are trying to
enable their users to connect to the firewall using Secure Remote. The
external IP address of the firewall is NAT'ed at our Internet connection.
In addition, the Secure Remote connection goes through another firewall
before it gets to the destination firewall. A crude diagram is below:

External User ---- Inside Fw External IP (NAT) ---- Internet Firewall ---- Inside Fw External IP (Real)
                   209.209.209.209                                         172.31.1.1

The NAT is handled on the Internet router (Cisco 7206). The Checkpoint
version is 4.0, SP4, running on NT 4.0 w/ SP5.
The correct ports have been enabled on the Internet firewall, and Secure
Remote works from inside the network. It is only from the Internet that
they are having the problem. From out on the Internet, the Secure Remote
client authenticates successfully with the firewall, but is unable to get
anywhere on the network after that.
Is the NAT definitely causing the problem? Is this something that can't be
done? Or are there some other things we can look at?
Any ideas would be greatly appreciated.
Thanks,
Tim