Checkpoint NG AI VPN nated

Anonymous

August 22, 2005 9:51:23 PM

Archived from groups: comp.security.firewalls (More info?)

My VPN gateway is behind NAT device. Is it possible to achive VPN
connectivity from SecureClient to this VPN gateway in this scenario?

thanks

More about : checkpoint vpn nated

| E-mail me updates
| Report abuse

Anonymous

August 23, 2005 12:36:31 AM

Archived from groups: comp.security.firewalls (More info?)

On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:

>My VPN gateway is behind NAT device. Is it possible to achive VPN
>connectivity from SecureClient to this VPN gateway in this scenario?

This was asked only recently. Yes, you just need to make sure the relevant
ports are forwarded on the NAT box to the gateway.

| Report abuse

Drx

August 24, 2005 5:20:51 PM

Archived from groups: comp.security.firewalls (More info?)

On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:

> On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
>
>>My VPN gateway is behind NAT device. Is it possible to achive VPN
>>connectivity from SecureClient to this VPN gateway in this scenario?
>
> This was asked only recently. Yes, you just need to make sure the relevant
> ports are forwarded on the NAT box to the gateway.

Well i am not sure. My system does not have public IP on VPN gateway and I
think it does not work because of that.

| Report abuse

Anonymous

August 25, 2005 1:33:05 AM

Archived from groups: comp.security.firewalls (More info?)

On Wed, 24 Aug 2005 13:20:51 +0200, Drx <read@from.sign> wrote:

>On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:
>
>> On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
>>
>>>My VPN gateway is behind NAT device. Is it possible to achive VPN
>>>connectivity from SecureClient to this VPN gateway in this scenario?
>>
>> This was asked only recently. Yes, you just need to make sure the relevant
>> ports are forwarded on the NAT box to the gateway.
>
>Well i am not sure. My system does not have public IP on VPN gateway and I
>think it does not work because of that.

As I said you would need to configure a Static NAT to the gateway. You could
also configure the NAT device for bridging and give the VPN gateway the same
address as the NAT device IYSWIM.

| Report abuse

Anonymous

August 26, 2005 6:32:04 PM

Archived from groups: comp.security.firewalls (More info?)

On Wed, 24 Aug 2005 21:33:05 GMT, Memnoch wrote:

> On Wed, 24 Aug 2005 13:20:51 +0200, Drx <read@from.sign> wrote:
>
>>On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:
>>
>>> On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
>>>
>>>>My VPN gateway is behind NAT device. Is it possible to achive VPN
>>>>connectivity from SecureClient to this VPN gateway in this scenario?
>>>
>>> This was asked only recently. Yes, you just need to make sure the relevant
>>> ports are forwarded on the NAT box to the gateway.
>>
>>Well i am not sure. My system does not have public IP on VPN gateway and I
>>think it does not work because of that.
>
> As I said you would need to configure a Static NAT to the gateway. You could
> also configure the NAT device for bridging and give the VPN gateway the same
> address as the NAT device IYSWIM.

Cisco router is in front of Chaeckpoint and NAT is done on Cisco router. If
i but client behind router, VPN is ok, and if I put it on public side of
router, VPN does not work

| Report abuse