Thanks for your time Sir, I will try it out tomorrow at the customer site,
Regards
----- Original Message -----
From: "Ali Husen Sumantoro" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Sunday, December 03, 2006 6:27 AM
Subject: Re: [FW-1] Making host perform a IPSec VPN and a IP traffic
Hi,
If you are referring to the NGX / NGAI counterpart, then yes.
I usually refer this as : VPNGW and application in the same host.
It could work if there's a software-based VPNGW configured in that host.
regards,
ali
On 12/3/06, Edouard Zorrilla <[EMAIL PROTECTED]> wrote:
Hello Sir,
All of this with the same source host ?
Regards
----- Original Message -----
From: "Ali Husen Sumantoro" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Saturday, December 02, 2006 7:15 AM
Subject: Re: [FW-1] Making host perform a IPSec VPN and a IP traffic
> Dear Edouard,
>
> I've had experience setting up some VPN connections from NGX or NG AI
> to a single host. (equipped with software based VPN Gateway i.e.
> raccoon, freeswan, openswan).
>
> MyHost-NGX-----------(tunnel)-----------PartnerHost(VPNGW+application
> server)
>
> In Partners host there are Freeswan/Openswan/Raccoon and also the
> application that needs to communicate with MyHost.
>
> To enable this I usually create PartnerHost as Interoperable Device
> and the domain encryption is set to "match all behind gateway".
>
> Rule :
> PartnerHost (Source) --- MyHost (destination) ---- Encrypt (Any) ---
> Service (TCP XXXX).
>
> regards,
> Ali Husen Sumantoro
> Excelcomindo Pratama
> Jakarta, Indonesia
>
> On 12/2/06, Edouard Zorrilla <[EMAIL PROTECTED]> wrote:
>> Hello,
>>
>> I wonder if some of you were able to make a host perform a tunnel
>> IPSec
>> and a normal IP traffic at the same time with a host alone. When I set
>> up
>> a tunnel it works but the host is not able to send ip traffic any
>> more.
>>
>> I mean:
>>
>> SiteA
>> ^
>> |
>> IP Traffic w/o IPSec.
>> |
>> |
>> Host---VPN-IPSec-Tunnel-->SiteB
>>
>> When It send traffic to SiteA it says that it must be encrypted and it
>> is
>> droped, however thru the IPSec tunnel works well. I am making a NAT so
>> that the tunnel IPSec works.
>>
>> I will appreciate some of you make this work in a NGX appliance.
>>
>> Best Regards
>>
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
