RE: [fw-wiz] Remote Access via Checkpoint VPN

Date: 08/18/04

  • Next message: Patrick M. Hausen: "Re: [fw-wiz] Gauntlet 6 "adaptive proxy""
    Date: Tue, 17 Aug 2004 22:00:18 -0400


    You're completely off you're nut!

    If you don't use a public IP on your firewall then I would suggest that alot
    of your PMTU is broken as well as your potential VPN.

    You should definitely configure a public IP on your firewall.

    That's the only way to make it work correctly.


    Mike H

    -----Original Message-----
    []On Behalf Of Ludolph,
    Sent: Tuesday, August 17, 2004 4:52 AM
    Subject: [fw-wiz] Remote Access via Checkpoint VPN


    I have the following setup up with Checkpoint FW-1:

    Internet------10.x.x.x--FW--10.x.x.x----- Internal network

    Pease note:
    - the external FW-interface has a private IP-address (10.x.x.x).
    - the DMZ FW-interface has a public IP-address ( as an example)

    I would like to setup a VPN on the FW, to which a remote client can connect
    via the Internet, using SecureClient. According to Checkpoint documentation
    the VPN should bind to the FW-external interface. This is the problem, my
    FW-external interface has a private IP-address, which is not routable via
    the Internet. In order to make this working I would like the VPN to bind to
    the DMZ-interface ( instead of the external interface.

    Has anyone setup such a VPN and does it work or do you have any suggestions?

    Thanks for your help.

    firewall-wizards mailing list
    firewall-wizards mailing list

  • Next message: Patrick M. Hausen: "Re: [fw-wiz] Gauntlet 6 "adaptive proxy""