[c-nsp] checkpoint vpn client behind pix 515
Ivan Lopez
ilopez02 at earthlink.net
Mon Sep 5 17:57:06 EDT 2005
I have a customer with a Checkpoint VPN-1 client connecting to its server
in the U.K. through my PIX firewall 6.3.
I set up a NAT-static private-public IP address for my customer,
permitting AH, ESP as well as UDP 500 both inbound and outbound.
Connection establishes but not able to do anything else after that, not
able to access any applications, nothing. This is my first Checkpoint
experience, any ideas anyone? Thanks!
access-list vpnacl permit ip host xxx.xxx.xxx.UK any
access-list outside_coming_in permit esp host xxx.xxx.xxx.UK host xxx.xxx.xxx.US
access-list outside_coming_in permit ah host xxx.xxx.xxx.UK host xxx.xxx.xxx.US
access-list outside_coming_in permit udp host xxx.xxx.xxx.UK host xxx.xxx.xxx.US eq isakmp
isakmp nat-traversal 20
sysopt connection permit-ipsec