I have an AP located in our DMZ which is attached to a Nokia IP330 running checkpoint 4.1/NG. I am allocating static IP addresses to the clients so that they can associate with the AP.Once the clients have authenticated they are restricted by the friewall to only be able to create a VPN tunnel to my 3030 concentrator.It is only when they create a tunnel to the concentrator that they have internal network access. The 3030 is installed in parallel with our Firewall and is not in the DMZ.
So basically you create a VPN tunnel from the DMZ, out towards the internet to my 3030 concentrator. i can create a tunnel noproblem, but, my connection gets dropped after 5 mins. I have tried a continous ping to see if it would keep the tunnel up but still no joy. I have checked all idle timeout times but cannot understand why it drops the tunnel. The logs on 3030 show connection terminated by user which is not the case