PIX<--> Checkpoint <-> PIX
Dear
I need to setup a follow VPN connection 2 PIXs
PIX<--> Checkpoint <-> PIX
I put a Checkpoint between 2 PIX
What protocol or Port I need to open in checkpoint policy for this VPN connection?
Thank you for your help
I need to setup a follow VPN connection 2 PIXs
PIX<--> Checkpoint <-> PIX
I put a Checkpoint between 2 PIX
What protocol or Port I need to open in checkpoint policy for this VPN connection?
Thank you for your help
Who is Participating?
You probably need to pass IKE (UDP/500), ESP (IP protocol 50), and AH (IP protocol 51). There's likely also some CP specific names for this stuff, and maybe even a service group representing all of them, but I don't have a CP system to look on right now.
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question:
I recommend: delete or split points. Both experts have valuable information
if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
thanks,
lrmoore
EE Cleanup Volunteer
---------------------
I will leave a recommendation in the Cleanup topic area that this question:
I recommend: delete or split points. Both experts have valuable information
if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
thanks,
lrmoore
EE Cleanup Volunteer
---------------------
Split
SpideyMod
Community Support Moderator @Experts Exchange
chris_calabrese points for you at:
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_20509269.html
SpideyMod
Community Support Moderator @Experts Exchange
chris_calabrese points for you at:
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_20509269.html
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month6 days, 19 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
I believe GRE (IP protocol 47) is also included. Depending on your IPSec setup you may not need to allow all of the protocols/ports included in "IPSec" service group, but it makes for a more readable policy.