It's my understanding that you can not do VPN over NAT.
===================================
Joel Eames - CCSA/CCSE
Data Security Analyst
Information Services
Texas Children's Hospital
(713)770-4441
[EMAIL PROTECTED]
===================================
> -----Original Message-----
> From: Dan Hitchcock [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, September 01, 2000 1:00 PM
> To: 'Robert Jones'; [EMAIL PROTECTED]
> Subject: RE: [FW1] Linksys DSL/Cable Router & SecuRemote
>
> A common problem encountered with such a DSL configuration is the MTU
> size. I am certainly not the expert, but a doc can be found at
> <http://www.phoneboy.com/fw1/faq/0380.html> that may help with your issue.
> Basically, the problem is that your client is probably using the default
> ethernet MTU of 1500, while your linksys router is using an MTU more
> typical of serial connections. Check out the link above for details.
> Good luck!
>
> Dan Hitchcock
> CCNA, MCSE
> Network Engineer
> Xylo, Inc. (formerly employeesavings.com)
> 425.456.3970
> The work/life solution for corporate thought leaders
>
> -----Original Message-----
> From: Robert Jones [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 01, 2000 6:38 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] Linksys DSL/Cable Router & SecuRemote
>
>
> Hello everyone, I apologize if this has been covered before as I am
> new to the Mailing list.
>
> I am attempting set up a VPN in my office. We are using FW1 4.1 SP2
> and SecuRemote 4.1 SP2. I set up Hybride IKE encryption and successfully
> authenticate and access my network from Home, when I'm not using the
> linksys Router. Many people in my company will be using these Home
> Routers and I cannot seem to get the SecurRemote to access the VPN through
> them. With the router connected, I do successfully Authenticate but then
> cannot ping anything on the internal network. I don't even see anything
> in the log viewer that shows my ping or telnet requests.
>
> I stopped the firewall, deleted the objects.C backup files and then
> made changes to the objects.C file, ":userc_NAT (true)" and
> ":userc_IKE_NAT (true)". I then restarted the firewall and for safe
> measure, installed the policies again. No Luck. I then mapped UDP ports
> 259 and 500 on the Linksys Router to point to my SecuRemote Client. I also
> did a firmware upgrade on the Linksys Router to support IPSec passthru.
> Tried again, no luck. I'm sure I am forgetting to list some of things I
> did but I hope I gave everyone the idea.
>
> Again, when the router is disconnected and the home PC is configured
> directly for the cable modem, the VPN works beautifully.
>
> Anybody have any ideas. I have been told that this can be done,
> just no one seems to know how.
>
> Robert Jones
> Plan B Communications
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
