Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...This was the ONLY place that I could find information that I could use to resolve the problem. So thanks once again to member TomSark and the SQL forum!..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > MIS/IT > Security Solutions > Checkpoint Software: Firewall-1 Forum

GREHelpful Member! 

thread32-70846
Read More Threads Like This One
peterve (IS/IT--Management)
7 Apr 01 20:15
Hi,

What rule do I have to create to allow GRE traffic through my firewall (for PPTP)
Thanks

Peter Van Eeckhoutte
peter.ve@pandora.be
 
 
netshield (IS/IT--Management)
23 Apr 01 10:13
http://www.phoneboy.com/faq/0321.html
Helpful Member!  muhammadn (IS/IT--Management)
30 Apr 01 10:12
Details on http://www.phoneboy.com/faq/0321.html is fine,
but it need some modification, explain below

Assuming the (statically translated) PPTP server is on the Internal network and the PPTP client is on the External network, you need to create and add one more object to the outbound rule. Create an object for the valid address of the PPTP server and put it in the source of the outbound rule and it will work.


The problem is that FW-1 does the translation before it applies the rules, so if you don't put in the object for the valid address, it will get dropped.


(Generally speaking) the rules should look something like this...


(rule 1) Client PPTP-invalid (PPTP svcs) Accept


(rule 2) PPTP-invalid Client (PPTP svcs) Accept
         PPTP-valid


Good Luck !
MN
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To Checkpoint Software: Firewall-1

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close