Checkpoint NG AI VPN nated

Archived from groups: comp.security.firewalls (More info?)

My VPN gateway is behind NAT device. Is it possible to achive VPN
connectivity from SecureClient to this VPN gateway in this scenario?

thanks
4 answers Last reply
More about checkpoint nated
  1. Archived from groups: comp.security.firewalls (More info?)

    On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:

    >My VPN gateway is behind NAT device. Is it possible to achive VPN
    >connectivity from SecureClient to this VPN gateway in this scenario?

    This was asked only recently. Yes, you just need to make sure the relevant
    ports are forwarded on the NAT box to the gateway.
  2. Archived from groups: comp.security.firewalls (More info?)

    On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:

    > On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
    >
    >>My VPN gateway is behind NAT device. Is it possible to achive VPN
    >>connectivity from SecureClient to this VPN gateway in this scenario?
    >
    > This was asked only recently. Yes, you just need to make sure the relevant
    > ports are forwarded on the NAT box to the gateway.

    Well i am not sure. My system does not have public IP on VPN gateway and I
    think it does not work because of that.
  3. Archived from groups: comp.security.firewalls (More info?)

    On Wed, 24 Aug 2005 13:20:51 +0200, Drx <read@from.sign> wrote:

    >On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:
    >
    >> On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
    >>
    >>>My VPN gateway is behind NAT device. Is it possible to achive VPN
    >>>connectivity from SecureClient to this VPN gateway in this scenario?
    >>
    >> This was asked only recently. Yes, you just need to make sure the relevant
    >> ports are forwarded on the NAT box to the gateway.
    >
    >Well i am not sure. My system does not have public IP on VPN gateway and I
    >think it does not work because of that.

    As I said you would need to configure a Static NAT to the gateway. You could
    also configure the NAT device for bridging and give the VPN gateway the same
    address as the NAT device IYSWIM.
  4. Archived from groups: comp.security.firewalls (More info?)

    On Wed, 24 Aug 2005 21:33:05 GMT, Memnoch wrote:

    > On Wed, 24 Aug 2005 13:20:51 +0200, Drx <read@from.sign> wrote:
    >
    >>On Mon, 22 Aug 2005 20:36:31 GMT, Memnoch wrote:
    >>
    >>> On Mon, 22 Aug 2005 17:51:23 +0200, no@no.no wrote:
    >>>
    >>>>My VPN gateway is behind NAT device. Is it possible to achive VPN
    >>>>connectivity from SecureClient to this VPN gateway in this scenario?
    >>>
    >>> This was asked only recently. Yes, you just need to make sure the relevant
    >>> ports are forwarded on the NAT box to the gateway.
    >>
    >>Well i am not sure. My system does not have public IP on VPN gateway and I
    >>think it does not work because of that.
    >
    > As I said you would need to configure a Static NAT to the gateway. You could
    > also configure the NAT device for bridging and give the VPN gateway the same
    > address as the NAT device IYSWIM.

    Cisco router is in front of Chaeckpoint and NAT is done on Cisco router. If
    i but client behind router, VPN is ok, and if I put it on public side of
    router, VPN does not work
Ask a new question

Read More

Firewalls VPN Gateway Networking