Advertisement

06.10.2008 at 07:38AM PDT, ID: 23472486
[x]
Attachment Details

How do I configure a Checkpoint to Cisco ASA VPN Tunnel?

Asked by ouelletteg47 in Checkpoint Firewall, Virtual Private Networking (VPN)

I am trying to create a tunnel between our company Checkpoint Firewall and a clients Cisco ASA 5510.

Current Situation:

Phase 1 settings are fine on both sides,matching.

Phase 2:
       
ASA:
 Remote peer : XX.XX.82.73
 Local public ip (outside): XX.XX.32.4

Interesting traffic (proxy):
 Source: XX.XX.32.27
 Destination : XX.XX.82.75

Checkpoint
According to our debug information we are receiving from remote site:
Interesting traffic (proxy):
 Source: XX.XX.82.73
 Destination: XX.XX.32.4
ASA is dropping it since it's not matching the traffic.

The private ip of internal server on Checkpoint side is: 172.23.45.14 and it should be nated to XX.XX.82.75.. If this is correct, then XX.XX.82.75 should travel through the tunnel searching for XX.XX.32.27. With a peer XX.XX.32.4 (where the tunnel will end).

My question is how do i configure the tunnel on checkpoint side to match the ASA configuration so they can talk to each other? I am using a Nokia IP130 with the SmartDashboard R55 to configure the Checkpoint firewall.Start Free Trial
[+][-]06.10.2008 at 08:20AM PDT, ID: 21752100

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.10.2008 at 10:09AM PDT, ID: 21753012

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.11.2008 at 07:33AM PDT, ID: 21760437

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.11.2008 at 07:54AM PDT, ID: 21760664

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.11.2008 at 08:20AM PDT, ID: 21760977

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.12.2008 at 07:19AM PDT, ID: 21769717

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Checkpoint Firewall, Virtual Private Networking (VPN)
Sign Up Now!
Solution Provided By: mabutterfield
Participating Experts: 2
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628