I think you can still NAT on your remote client site
but the remote client local ip address must not be in
your encryption domain.
Yim
--- "Reynolds, Tom" <[EMAIL PROTECTED]>
wrote:
>
> Hi all,
>
> We were recently able to resolve this same issue
> with DSL and the NAT and
> LinkSYS router. What I came to realize from the
> logs was that the firewall
> was issuing a KEY INSTALL to one address (the
> routers valid address) and
> then traffic tried to come in from the host (NATed
> address). That wasn't
> going to work. We had the client turn off NAT, use
> a valid internet
> address, install a personal firewall, and all
> worked.
>
> Sorry I can't be more specific about the LinkSYS
> config. I only needed to
> get the VPN working, not start troubleshooting DSL
> and NAT issues.
>
> If you need to work it out with NAT, Phoneboy.com
> had some info about
> LinkSYS and NAT and DSL. Good Luck.
>
> Tom Reynolds, MCSE, CCNA
> _________________________
> Pilgrim Baxter and Associates
> Network Security and Engineering
> 825 Duportail Rd.
> Wayne, Pennsylvania 19087-5525
> 610-578-1581
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 02, 2000 1:12 PM
> To: Joe Delsol
> Cc: FW-1 List (E-mail)
> Subject: Re: [FW1] SR over @HOME connection (See
> Notice Below)
>
>
>
>
> DSL is not support by Checkpoint. It works sometimes
> and sometimes it does
> not.
>
>
>
>
> Joe Delsol <[EMAIL PROTECTED]> on 11/02/2000
> 12:46:29 PM
>
> To: "FW-1 List (E-mail)"
> <[EMAIL PROTECTED]>
> cc: (bcc: Gail Hulse/DEWEY)
> Subject: [FW1] SR over @HOME connection
>
>
>
>
>
> Is anyone able to do this?
> I had two users try last night and they had
> different results.. The first
> could get Authenticated, but the second was prompted
> for the USERid/password
> and then was not able to reach the server.. The
> person that did get
> Authenticated was not able to get any packets to the
> site after the
> Authentication.
>
> The known difference between the two users is that
> the one that did get
> Auth. has a linkSYS DSL/Cable broadband router doing
> NAT.
>
> We do have SR working from behind NAT over DSL.
>
> Any ideas?
> Thanks!
> Joe
> If you want to send direct to me, I'll keep your
> post off the list.
>
>
>
>
================================================================================
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
__________________________________________________
Do You Yahoo!?
>From homework help to love advice, Yahoo! Experts has your answer.
http://experts.yahoo.com/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
