Firewall Wizards mailing list archives

SecuRemote Address Translation

From: Greg.Pergament () mercerdelta com
Date: Mon, 19 Nov 2001 16:47:56 -0500

I'm trying to find a way for the CheckPoint firewall to translate
SecuRemote users with an ISP assigned IP address to one that would be
allowed to pass through internal routers which filter out foreign IP.   It
seems that VPN traffic is filtered out at the internal2 router because it
comes through the firewall with an ISP allocated IP address.  VPN users are
unable to access the intranet (10.2.0.11) from our Check Point VPN firewall
(10.0.0.10).  The intranet site is accessible from both, our network
(10.1.0.0), and the firewall itself (10.1.0.10).  The VPN users are being
dropped in the next hop (10.2.0.1).  The firewall log doesn't show any
dropped packets.


     VPN-------------------CHKP---------Router(internal1)---------Router(
internal2)--------WebServer

(66.22.37.123)      (10.1.0.10)          (10.1.0.1)
(10.2.0.1)          (10.2.0.11)



Regards,

Greg


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

SecuRemote Address Translation Greg . Pergament (Nov 20)