Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cisco VPN Client Behind Checkpoint Firewall

I am trying to establish a vpn tunnel to a remote site from behind a checkpoint firewall. The firewall uses a hide nat for all computers on the network. The tunnel is initially connected but then is timed out when the client doesnt receive the keepalives. I see packets coming back that are being dropped by the firewall. Is it possible to create and maintain a vpn through a hide nat or do I have to do a static nat for all users trying to use the vpn?

Thanks

1 REPLY

Re: Cisco VPN Client Behind Checkpoint Firewall

Unfortunately the vpn client will always rely on keepalives to maintain it's connection active, these keepalives are unable to be disabled from the client side. You can however increase the time that the vpn client will wait to drop this connection.

In your case you would need to check on the firewall side why are these packets being dropped.

772
Views
0
Helpful
1
Replies
CreatePlease to create content