I have a VPN 3005 installed in a network - and am having some problems. I would be grateful for any assistance.
I have an existing Checkpoint Firewall-1 within my network and have placed a VPN 3005 on the private network (not using the public network card).
I have defined a static two way NAT entry on the Firewall-1 that allows direct NATd access to the VPN 3005 at the moment for all ports.
From a 3.5.2 VPN client, I can authenticate with the VPN 3005 (also running 3.5.2) and receive an IP address from the configured pool. Problem is though that I cannot then communicate (ping, telnet, anything) any device attached to the public network.
From the VPN dialler, I can see the encrypt packet counter going up, however no decrypted packets are received and that counter stays at zero.
- Is my config valid, or do I need to use the public interface as well? Does the VPN 3005 work in a "one armed router" type of config?
- I have tried allocating IP addresses from both the subnet allocated to the public network, and a new subnet which I set up routing for - neither works. Which is recommended?
- Any other pointers for things that I can look at?