From: Dan.Thorson@seagate.com
Date: Mon Jun 16 2003 - 18:42:39 GMT-3
re: CheckPoint VPN gateway via NAT:
1) You need to verify that you're getting BOTH pop-ups stating that the VPN
authentication has worked.... the 1st one has blue text saying "blah blah
auth ok blah blah" and the second says that the secure config has been
verified. If you don't get BOTH then that's bad.
2) If you never get asked to authenticate it could be because the NAT'd
IP's being handed off to your VPN client are defined by the client as being
"inside" your corporate firewall (checkpoint uses the concepts of
within/without). Now you're completely hosed.
3) If you indeed get both boxes above, or if you only get one of them, try
this:
Within the VPN client
Tools -> Encryption Scheme
Advanced
and check the "Force UDP encapsulation"
This often fixes the NATing issue for Checkpoint's VPN client.
danT
===================================================
Dan Thorson - Seagate Technology - CCIE 10754
desk +1 (952) 402-8293 fax +1 (952) 402-1007
SeaTel 8-402-8293
===================================================
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:59 GMT-3