Try IKE with UDP encapsulation. FWZ and nat is a bad idea. rgds andre' #include <std-disclaimer.h>
David Ho wrote: > Hello everyone, > > I'm currently trying to get my SecurClient to establish a vpn tunnel to our > fw-1, behind a DSL gateway/router running NAT. Our company is using FWZ > instead of IKE for the authentication scheme. I opened up port 259 for FWZ > and was able to get the client to authenticate fine. > > Where it breaks is after the authentication, I cannot seem to successfully > pass the data after that.. I sniffed the network and can see that the > payload is encrypted going out and I'm getting responses from the fw-1. I > know that IPSec has some difficulties with NAT, but my company is not using > it. > > Any ideas on how to make the vpn tunnel work behind a natting gateway? > > Thanks, > David > *******************Internet Email Confidentiality Footer******************* > > > Privileged/Confidential Information may be contained in this message. If > you are not the addressee indicated in this message (or responsible for > delivery of the message to such person), you may not copy or deliver this > message to anyone. In such case, you should destroy this message and kindly > notify the sender by reply email. Please advise immediately if you or your > employer do not consent to Internet email for messages of this kind. > Opinions, conclusions and other information in this message that do not > relate to the official business of my firm shall be understood as neither > given nor endorsed by it. > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== > -- Security Engineer Dimension Data Security Email: [EMAIL PROTECTED] Tel. +27 21 659 2540 Fax +27 21 659 2195 =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
