Weird.
My $160.00 LinkSys SOHO Router/Switch at home does nat and works with
IPSEC and PPTP just fine at home.
Don't know why firewall one wouldn't be able to be creative and let
it through. I havn't tried multiple sessions (ie ipsec to 2 machines
or from 2 machines yet) so i don't know if the linksys handles that, but
it is possible!
-byron
-----Original Message-----
From: WILKINS, James [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 06, 2000 4:49 AM
To: '[EMAIL PROTECTED]'
Cc: 'Little, Craig (SSI-SIAP-NP5)'
Subject: RE: [FW1] Gauntlet VPN through FW-1
Craig,
Unfortunately if you check out the IETF RFC for the IPSec protocol you'll
see that one of the restrictions of the protocol suite is that it can't be
NAT'd. I ran into this problem in my last job and it's a real pisser.
We did someone research into routing IPSec over GRE but the only OS we
managed to get it to even half work on was BSD.
You'll have to use another VPN protocol.
Regards
James
> -----Original Message-----
> From: Little, Craig (SSI-SIAP-NP5) [mailto:[EMAIL PROTECTED]]
> Sent: 06 September 2000 05:23
> To: [EMAIL PROTECTED]
> Subject: [FW1] Gauntlet VPN through FW-1
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Does anyone have any experience allowing Gauntlet VPN traffic to pass
> through Firewall-1 unobstructed? The problem is thus:
>
> We have a 'partner' company who wants to utilise our connection to
> the internet (for a fee), and get rid of their own connection. So far
> we've been successful swapping MX pointers and mail-bagging for them,
> and providing Web proxy services (both fairly easy to implement), but
> we have a problem delivering their IPSec traffic.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
