[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Allow CheckPoint SecureClient connection though PIX 501

Posted on 2004-10-03
3
Medium Priority
?
324 Views
Last Modified: 2013-11-16
What are the exact configuration changes necessary to allow a Check Point SecureClient to connect to a VPN while behind a PIX 501? Or before the question can be answered what info do I need.
SecureClient gives me 2 NAT traversal mechanisms
1) Support IKE over TCP
2) Force UDP Encapsulation

Pix Version 6.3(1)
PDM Version 3.0(1)
Inside Interface 139.126.X.X
Outside Interface PPPoE (66.220.x.x)
0
Comment
Question by:awgooch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12212282
1) upgrade PIX to 6.3(3) to enable nat-traversal
2) use the command "isakmp nat-traversal 20"
3) set client to force UDP encap (requires configuration on the Check Point end to allow this)

Alternative to upgrading:
1) Create a static 1-1 nat map using a spare public IP
2) set client for either TCP or UDP (depending on how the Check Point end is set up)
0
 

Author Comment

by:awgooch
ID: 12212482
Can you tell me more about the static 1-1 nat map using a spare puplic IP?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12212571
If you have another public IP that you can use besides the interface, you can do this:

static (inside,outside) <public IP> <private ip> netmask 255.255.255.255

ie.

static (inside,outside) 24.56.78.9 192.168.100.100 netmask 255.255.255.255
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Considering cloud tradeoffs and determining the right mix for your organization.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question