1. Set your Checkpoint client to use UDP encapsulation mode. 2. Configure the PIX to have a static for the FW-1, and have an access list that permits UDP 2746 through to the FW-1 (and whatever other ACL stuff you may need).
Done. All the other solutions involve using nat 0 on the PIX which, although it may work, isn't really recommended. Cheers, -- Ben Nagy Network Security Specialist Mb: TBA PGP Key ID: 0x1A86E304 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, May 14, 2002 12:52 PM To: [EMAIL PROTECTED] Subject: Any experience with CheckPoint VPN client getting through Cisco PIXfirewall? Hi, The idea is to install CheckPoint VPN-1 SecureClients (v4.1 SP5 3DES) on external network PCs to have them vpn through the remote network Cisco PIX firewall to our CheckPoint VPN-1/FW-1 (currently version 4.1 SP5). I'm lookiing for possible issues with encrypted CP packets getting through Cisco PIX firewall - any ideas, please ? Thanks, Artur _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
