Configure Linksys WRT54G and VPN-1 SecureClient

I'm having a lot of trouble getting my Linksys WRT54G router to work with Checkpoint VPN-1 SecureClient.

It will work fine connected directly to the Cable Modem, but when I connect behind the router, the NAT and SPI is blocking the ports.  I've tried to open ports with port forwarding, port triggering, etc. with no success.

I'm uncertain what steps I need to take to get the SecureClient to operate behind the router.

I've configured the router to be a private network as to not conflict with my office network.

Can anyone provide the steps to get this working?

Thank you!
Who is Participating?
Rob WilliamsCommented:
If pshoemaker21, is still receiving notices.......
- have come across dozens of article with different folks having problems using an IPSec client behind the WRT54G. If you have the option, try from behind another router. The router itself seems to be the problem, If "enable IPSec" is checked there is nothing more for you to configure.
-f by chance you have the same problem with another router, or perhaps check anyway, make sure the modem is not a combined router/modem providing NAT (Network Address Translation) services. This will be noted by it assigning the connected device a private IP such as 192.168.x.x, 10.x.x.x, or 172-16.x.x  If that is the case the modem needs to be put in Bridge mode.
-If the modemot running NAT, and you have tried another router, you may need to have the CheckPoint administrator look at their configuration of NAT-T at the server end, router.
Rob WilliamsCommented:
Might be as simple as checking the "enable IPSec pass-through" on the firewall page of the security section.

Rob WilliamsCommented:
By the way, no ports need to be opened or forwarded. Only other issue might be if your modem is a combined router/modem and is also performing NAT, but see how the IPSec pass-through works. If you did forward any ports relating to VPN's change those back to the defaults. They can sometimes interfere with VPN client traffic.
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

pshoemaker21Author Commented:
I've already checked all that.  I've been reading a bunch on the net and it's difficult to find anything specific.  The cable modem is just a straight broadband access node, which hands out a single IP address by MAC address.

It has something to do with the port blocking that is enabled by default on the linksys router.  I just don't know how to configure it to get past that.  Not sure if it can be configured or not?
Rob WilliamsCommented:
I am afraid I am not much help. As a rule with Linksys routers all VPN clients, CheckPoint, WatchGuard, Cisco, etc. are able to work quite well with absolutely no configuration other than allowing IPSec pass-through. It is possible to block the traffic with manual firewall rules, but the defaults should not do so. Perhaps there is a problem with the firmware. Have you tried upgrading or re-installing? Also I have seen some problems with VPN's and wireless connections. Are you connecting to the WRT54G wirelessly or with a cable. Perhaps try a cable if you are using wireless.
Rob WilliamsCommented:
>>"The cable modem is just a straight broadband access node, which hands out a single IP address by MAC address."
So I assume as a result your WRT54G's WAN configuration has been assigned a true public IP and not a private IP such as 192.168.x.x, 10.x.x.x, or 172.16-32.x.x ?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.