Hello Sir,
All of this with the same source host ?
Regards
----- Original Message -----
From: "Ali Husen Sumantoro" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Saturday, December 02, 2006 7:15 AM
Subject: Re: [FW-1] Making host perform a IPSec VPN and a IP traffic
Dear Edouard,
I've had experience setting up some VPN connections from NGX or NG AI
to a single host. (equipped with software based VPN Gateway i.e.
raccoon, freeswan, openswan).
MyHost-NGX-----------(tunnel)-----------PartnerHost(VPNGW+application
server)
In Partners host there are Freeswan/Openswan/Raccoon and also the
application that needs to communicate with MyHost.
To enable this I usually create PartnerHost as Interoperable Device
and the domain encryption is set to "match all behind gateway".
Rule :
PartnerHost (Source) --- MyHost (destination) ---- Encrypt (Any) ---
Service (TCP XXXX).
regards,
Ali Husen Sumantoro
Excelcomindo Pratama
Jakarta, Indonesia
On 12/2/06, Edouard Zorrilla <[EMAIL PROTECTED]> wrote:
Hello,
I wonder if some of you were able to make a host perform a tunnel IPSec
and a normal IP traffic at the same time with a host alone. When I set up
a tunnel it works but the host is not able to send ip traffic any more.
I mean:
SiteA
^
|
IP Traffic w/o IPSec.
|
|
Host---VPN-IPSec-Tunnel-->SiteB
When It send traffic to SiteA it says that it must be encrypted and it is
droped, however thru the IPSec tunnel works well. I am making a NAT so
that the tunnel IPSec works.
I will appreciate some of you make this work in a NGX appliance.
Best Regards
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
