RE: [FW1] VPN Between Two Illegal Networks

Tue, 29 Aug 2000 10:04:57 -0700 


I do this through firewall 1 right now.

Work - NAT - Firewall 1 - Internet - Linksys Router - NAT - Home

Works great. 

Ironic thing is that both work and home use the 192.168.1.x addresses for
numbering so i thought the system would be confused but it works great.

PPTP server behind the firewall NATted with a static external interface.
Created
the rules to allow the internal and external nat interface to receive/send
in
the firewall (since pptp will encapsulate the packet as if its the external
interface you need to make sure your firewall correctly lets it out).

Setup RAS with PPTP on the NT box. Went home, installed PPTP Client there,
dialed
up the server by entering the external/internet ip of the pptp box and it
connects
at 100,000,000 bps just fine!  High encryption and everything else seems to
be supported.

You will want to setup the rules to allow your choice of vpn through..
either ipsec/pptp
as well as you can use the filtering features of NT to do this.

-byron

-----Original Message-----
From: Steve [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 29, 2000 10:40 AM
To: [EMAIL PROTECTED]
Subject: [FW1] VPN Between Two Illegal Networks




Hi,

Is it possible to set up a VPN between two illegal internal networks that
routes across the Internet?

Example:

netA -- (le0) FWmachineA (le1) -- internet -- (le1) FWmachineB (le0) -- netB


Where:

netA is an illegal internal network
netB is an illegal internal network

FWmachineA le1 has a valid Class C IP address
FWmachineB le1 has a valid Class C IP address

With an encrypted VPN how does a host on netA route to a host on netB
(without using NAT - not enough class C addresses available)?

Cheers,

-Steve




============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to