Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1024
Views
0
Helpful
1
Replies

Cisco VPN Client Behind Checkpoint Firewall

382pch101
Level 1
Level 1

‎02-06-2009 08:03 AM

I am trying to establish a vpn tunnel to a remote site from behind a checkpoint firewall. The firewall uses a hide nat for all computers on the network. The tunnel is initially connected but then is timed out when the client doesnt receive the keepalives. I see packets coming back that are being dropped by the firewall. Is it possible to create and maintain a vpn through a hide nat or do I have to do a static nat for all users trying to use the vpn?

Thanks

Labels:
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎02-06-2009 10:47 AM

Unfortunately the vpn client will always rely on keepalives to maintain it's connection active, these keepalives are unable to be disabled from the client side. You can however increase the time that the vpn client will wait to drop this connection.

In your case you would need to check on the firewall side why are these packets being dropped.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents