[ previous ] [ next ] [ threads ]
 
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'John Smith'" <qwik999 at yahoo dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] System requirements and Checkpoint Securemote VPN- 1
 Date:  Tue, 28 Oct 2003 13:45:17 +0100
No enhanced NAT going on. Only the standard ruleset, no firewall rules in
place.

This works for the safenet (watchguard) clients... I don't know what client
is used by Checkpoint???

Joachim

-----Original Message-----
From: John Smith [mailto:qwik999 at yahoo dot com]
Sent: maandag 27 oktober 2003 19:25
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] System requirements and Checkpoint Securemote
VPN- 1


Yes I do have a handful of public IPs but I would
rather to use them on the servers. I have not been
able to work around this NAT issue. If you happen to
have it worked, can you share your NAT and ipf rule
set?
Thanks


--- Christiaens Joachim <jchristi at oce dot be> wrote:
> Hmmmm,
> 
> I just put the laptop behind the m0n0 and it worked!
> 
> If you use 1:1, then you have more then one public
> ip?
> 
> Joachim
> 
> -----Original Message-----
> From: John Smith [mailto:qwik999 at yahoo dot com]
> Sent: maandag 27 oktober 2003 14:39
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] System requirements and
> Checkpoint Securemote
> VPN- 1
> 
> 
> Joachim
> Mind to share what you did to make softclient
> working?
> I am having problems using Nortel VPN client on the
> laptop behind the m0n0 except 1 to 1 mapping.
> Thanks
> 
> 
> --- Christiaens Joachim <jchristi at oce dot be> wrote:
> > The problem with IPSec behind "routers" is not the
> > routing or firewalling
> > mostly, but the way NAT doesn't know to which
> > internal client it needs to
> > send the replies comming from other VPN endpoint
> > (because they are
> > encrypted).
> > 
> > There are som tricks used to make it work (some
> for
> > 1 client, some for
> > more). All I know is that the watchguard client
> > doesn't work with ex.
> > Freesco or Linux pre-2.4 kernels, but it works
> very
> > well with m0n0wall.
> > 
> > As I said, I will test a tunnel between a
> watchguard
> > and a m0n0 soon, but
> > the softclient works...
> > 
> > Joachim
> > 
> > -----Original Message-----
> > From: Giorgio Catena [mailto:thechain at libero dot it]
> > Sent: zaterdag 25 oktober 2003 15:09
> > To: Christiaens Joachim
> > Subject: Re: [m0n0wall] System requirements and
> > Checkpoint Securemote
> > VPN- 1
> > 
> > 
> > Christiaens Joachim wrote:
> > > I'm not shure what you mean:
> > > 
> > > -use the Checkpoint client software on one or
> more
> > clients of you homelan
> > > like this: <company> --- tunnel --- <firewall>
> ---
> > tunnel ---
> > > <vpnclient-soft>
> > > 
> > > or
> > > -use the firewall to connect via a tunnel to
> your
> > company's network and
> > give
> > > access to your entire homelan
> > > like this: <company> --- tunnel --- <firewall>
> ---
> > <homelan>
> > > 
> > > anyway, both should be possible with m0n0wall. I
> > use the watchguard
> > (SafeNet
> > > sucuremote IPSec) client on a company laptop to
> > connect to the company's
> > > watchguard firebox 1000. This works very well!
> > > In the near future I will be testing the
> > watchguard-to-m0n0wall connection
> > > (IPSec too), so my homelan can be a part of the
> > company-lan.
> > > 
> > > I'll keep the list informed.
> > > Regards,
> > > Joachim
> > > 
> > I intend just the first scheme. My doubt is if it
> > works because speaking 
> > with the people of the floppyfw project the way
> the
> > client (with the 
> > software) bahaves now is not related (by their
> > opinion) to the router-fw 
> > I'm using. This is what they say but I'm not sure
> > and I want to try out 
> > something else. The Checkpoint VPN-1 securemote sw
> > (for the client 
> > connection) is that sort of bad beast without any
> > help or other kind of 
> > stuff and no settings except few stupid things....
> > 
> > Any help will be appreciated
> > 
> > Regards
> > 
> > 
> > 
> > -----------------------------------------------
> > MISSION STATEMENT 
> > -----------------------------------------------
> > Oce enables its customers to manage their
> documents
> > efficiently and
> > effectively by offering innovative print and
> > document management products
> > and services for professional environments.
> > 
> > -----------------------------------------------
> > DISCLAIMER 
> > -----------------------------------------------
> > This e-mail message and any attachment are
> intended
> > for the sole use of the
> > recipient(s) named above and may contain
> information
> > which is confidential
> > and/or protected by intellectual property rights.
> > Any use of the information contained herein
> > (including, but not limited to,
> > total or partial reproduction, communication or
> > distribution in any form) by
> > other persons than the designated recipient(s) is
> > prohibited.
> > 
> > If you have received this e-mail in error, please
> > notify the sender either
> > by telephone (0032-2-729.48.11) or by e-mail and
> > delete the material from
> > any computer.
> > Oce-Belgium/Oce-Interservices is nor responsible
> for
> > the correct and
> > complete transfer of the contents of the sent
> > e-mail, neither for the
> > receipt on due time.  This e-mail message does not
> > bring about a contractual
> > obligation for Oce-Belgium/Oce-Interservices.
> > 
> > Thank you for your cooperation.
> > 
> > For further information about
> > Oce-Belgium/Oce-Interservices please see our
> > website at www.oce.be
> > 
> > -----------------------------------------------
> > 
> > 
> > 
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> > m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail:
> > m0n0wall dash help at lists dot m0n0 dot ch
> > 
> 
> 
> __________________________________
> Do you Yahoo!?
> Exclusive Video Premiere - Britney Spears
> http://launch.yahoo.com/promos/britneyspears/
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> -----------------------------------------------
> MISSION STATEMENT 
> -----------------------------------------------
> Oce enables its customers to manage their documents
> efficiently and
> effectively by offering innovative print and
> document management products
> and services for professional environments.
> 
> -----------------------------------------------
> DISCLAIMER 
> -----------------------------------------------
> 
=== message truncated ===


__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


-----------------------------------------------
MISSION STATEMENT 
-----------------------------------------------
Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

-----------------------------------------------
DISCLAIMER 
-----------------------------------------------
This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be

-----------------------------------------------