> Hello All, > > We are currently having issues with Cisco's 3000 VPN Client > (ver. 2.5.2 B) > connecting via IKE to a PIX (6.1 (3)) from behind Checkpoint FW-1 4.1 Sp5 > doing hide NAT.
I am not familiar with these products, but if I understand IKE, it implies using an IPSec VPN. If you are natting with an IPSec VPN, you will have problems. NAT rewrites the packet headers, IPSec checks headers to make sure that they have not been tampered with between the server and the client, you can see how this would create a conflict. Typically speaking, it is not recommended to use an IPSec VPN through a NAT gateway. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
