RE: [fw-wiz] Remote Access via Checkpoint VPN

From: Desai, Ashish (Ashish.Desai_at_fmr.com)
Date: 08/18/04

  • Next message: David West: "RE: [fw-wiz] Issues opeing firewall for SSH/SecureFTP?"
    To: "Ludolph, Michel" <Michel.Ludolph@atosorigin.com>, <firewall-wizards@honor.icsalabs.com>
    Date: Wed, 18 Aug 2004 10:57:14 -0400
    
    

    You might want to read this BEFORE you try anything this X!@#$!#$

    http://www.faqs.org/faqs/cisco-networking-faq/section-24.html

    You CANNOT expose 10.x address space to the Internet!!!!!

    Ashish

    -----Original Message-----
    From: Ludolph, Michel [mailto:Michel.Ludolph@atosorigin.com]
    Sent: Tuesday, August 17, 2004 4:52 AM
    To: firewall-wizards@honor.icsalabs.com
    Subject: [fw-wiz] Remote Access via Checkpoint VPN

    Hello,

    I have the following setup up with Checkpoint FW-1:

    Internet------10.x.x.x--FW--10.x.x.x----- Internal network
                                    |
                                    |
                                    |
                            20.20.20.20 (DMZ)

    Pease note:
    - the external FW-interface has a private IP-address (10.x.x.x).
    - the DMZ FW-interface has a public IP-address (20.20.20.20 as an
    example)

    I would like to setup a VPN on the FW, to which a remote client can
    connect via the Internet, using SecureClient. According to Checkpoint
    documentation the VPN should bind to the FW-external interface. This is
    the problem, my FW-external interface has a private IP-address, which is
    not routable via the Internet. In order to make this working I would
    like the VPN to bind to the DMZ-interface (20.20.20.20) instead of the
    external interface.

    Has anyone setup such a VPN and does it work or do you have any
    suggestions?

    Thanks for your help.

    michelDOTludolphATatosoriginDOTcom
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: David West: "RE: [fw-wiz] Issues opeing firewall for SSH/SecureFTP?"

    Relevant Pages

    • RE: [fw-wiz] Remote Access via Checkpoint VPN
      ... You should definitely configure a public IP on your firewall. ... I would like to setup a VPN on the FW, to which a remote client can connect ... FW-external interface has a private IP-address, ...
      (Firewall-Wizards)
    • >>>> SETUP VPN <<<<
      ... Vpn End Points Setup Vista ... Setup Vpn Windows Server 2003 ... Setup Vpn With Zyxel Prestige Router ...
      (rec.radio.shortwave)
    • Re: Port Forwarding?
      ... Here is my current setup at home. ... D-Link Wireless Router ... The term "Virtual Server" is D-Link speak for port forwarding. ... supports VPN passthru, so you'll have to setup a VPN client on the ...
      (microsoft.public.windowsxp.network_web)
    • Re: How to configure for Two different IP subnets
      ... Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net ... I realize this is actually way more than I need for my setup, ... setting up a server is more than I even actually need. ... server with the outside Wan coming into one and the network setup on the ...
      (microsoft.public.windows.server.networking)
    • Dlink DI-804HV <-> DI-804HV VPN Blues
      ... I am having no end of problems trying to get what should be a simple VPN ... The basic setup is as follows: ... Office Network: ... The remote site, 211.47.129.10 uses a cable modem which is connected to the ...
      (comp.dcom.vpn)