A clarification would be good, here. Are you trying to send VPN traffic
from A, thru B, to C and back, or do you want to send traffic from A to
both B and C? Either one is possible. The latter scenario is the same
as the former scenario with the addition of an A->B VPN tunnel. So you
just need to know, at most:
1) how to set up vpn tunnels between two firewalls
2) how to pass vpn tunnels through a firewall
I'll assume you want to do IPSec vpn, and not FWZ...
For 1, consult the docs and Checkpoint's web site, or www.phoneboy.com.
There should be enough info and examples to do that. For 2, to pass
IPSec through a fw, you need a rule on B to permit the appropriate IP
*protocol*, AH or ESP or both (probably just ESP). Both protocols are
defined service objects, and are in the service group "IPSec". You also
need to permit IKE if you're using it, which is UDP, port 500. If
you're doing NAT at B, this gets a whole lot hairier...
Michael
Ivan Fox wrote:
>
> Let say three are 3 sites in serial, i.e., A --> B --> C. Each site has its
> own subnet and Check Point VPN-1. Can I setup a continuous VPN using Check
> Point VPN-1 starting from A and ending at C.
>
> Any pointers are appreciated.
>
> Ivan
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
