Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
262
Views
0
Helpful
2
Replies

checkpoint SecuRemote/SecuRClient passing traffic through PIX525

evans.b
Level 1
Level 1

‎04-25-2003 03:24 AM - edited ‎03-09-2019 03:01 AM

Hi,

I'm in the process of configuring a PIX 525 to allow a checkpoint SecuRClient (inside) to initiate a vpn tunnel to a SecuRemote server (via Outside).

I have configured ACL's to allow UDP isakmp, esp and ah (both on the inside and the outside interfaces. Using the 'sh access-list' command after trying to initiate a vpn connect these ACL's are showing hits (htcnt=0).

All inside addresses will be PAT'd to a public address. Apart from ACL's to allow isakmp, esp and ah. Is there any other parameters I need to configure to allow this traffic through the PIX??.

thanks

Labels:
0 Helpful
2 Replies 2

leeb
Level 1
Level 1

‎04-25-2003 03:45 AM

do you have static nat to the computer in the inside interface, beside acl?

0 Helpful

evans.b
Level 1
Level 1
In response to leeb

‎04-25-2003 05:04 AM

Hi,

No there isn't a static map for this computer on the inside. If successfull, using checkpoint securclient software on the inside will be implemented to many may users, therefore using PAT for global translations is more cost effective.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents