I read Frank's post and while I am testing this in our lab I wanted to see
if anyone had come up with a solution already.
Problem:
local-net 10.10.10.0
partner-net 10.10.10.0
IKE VPN
Is it possible to NAT either you or your partner -net, BEFORE or after it
crosses the VPN ?
Objective:
To allow a VPN between two companies without re-addressing either company.
Jon
Date: Wed, 4 Oct 2000 22:38:56 -0500
From: Frank Knobbe <[EMAIL PROTECTED]>
Subject: RE: [FW1] VPN + NAT
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
For these types of VPN's you probably want to add two Translation
rules that disable NAT for connections through the VPN tunnel. The
two rules are:
MyNet - PartnerNet - Any - Original - Original - Any
PartnerNet - MyNet - Any - Original - Original - Any
Make sure you set routes in your network that directs traffic aimed
at the PartnerNet to your firewall.
Regards,
Frank
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
