I am trying to create a tunnel between our company Checkpoint Firewall and a clients Cisco ASA 5510.
Current Situation:
Phase 1 settings are fine on both sides,matching.
Phase 2:
ASA:
Remote peer : XX.XX.82.73
Local public ip (outside): XX.XX.32.4
Interesting traffic (proxy):
Source: XX.XX.32.27
Destination : XX.XX.82.75
Checkpoint
According to our debug information we are receiving from remote site:
Interesting traffic (proxy):
Source: XX.XX.82.73
Destination: XX.XX.32.4
ASA is dropping it since it's not matching the traffic.
The private ip of internal server on Checkpoint side is: 172.23.45.14 and it should be nated to XX.XX.82.75.. If this is correct, then XX.XX.82.75 should travel through the tunnel searching for XX.XX.32.27. With a peer XX.XX.32.4 (where the tunnel will end).
My question is how do i configure the tunnel on checkpoint side to match the ASA configuration so they can talk to each other? I am using a Nokia IP130 with the SmartDashboard R55 to configure the Checkpoint firewall.
Start Free Trial