Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

problems about secuRemote

Status
Not open for further replies.
melchy

melchy

Technical User
Jul 9, 2003
24
BO
I have problems using SecuRemote, when trying to connect to VPN-1, passing another firewall, the connection fails. But if the connections goes with no firewall in the middle, it connects well. I switch on the Nat transversal option in the secuRemote client but I cannot connect anyway.

PLEASE HELP ME (near to pass away!!!)
 
Sort by date Sort by votes
What type of FW are you trying to pass thru (another CP FW?)? Have you already setup rules on the outbound connection?
 
Upvote 0 Downvote
Hi,

You need to make sure that you have the necessary ports open throught the "middle firewall" - IKE (UDP 500) and i think VPN1_IPSEC_encapsulation UDP 2746.

You need to use NAT traversal on the SecureRemote Client both UDP encapsulation and IKE over TCP.

Withing your Global properties of FW uunder remote access, you should have an option for Gateways support IKE over TCP, check this and install policy. Give it a go...



Akiwondo (MCSE, CCSE)
 
Upvote 0 Downvote
Thanks,

I can connect to the VPN, the negotiation is well, and it can authenticate me, when I see in the SmartDoeshboard the tunnel is done, but when I try to do a ping, in SmartDoeshboard it accepts to me, but I do not obtain answer
it show me Request Time Out,

Please need a hand

Regards
 
Upvote 0 Downvote
If I understand correctly, I think you need to check your rules to see if you are allowing ICMP from SecureRemote.

Akiwondo (MCSE, CCSE)
 
Upvote 0 Downvote
Hi, sorry by the delay in the answer, I was very occupied, well the connection is done in the SecureRemote I got no problems (I use the R56 version), previously, I obtained the following error: tunnel_test failed, with the R56 version and Hotfix 12 I solved this problem, but another one arose, the tunnel can be established but when I try to do a ping from the remote host to the local server I don't have answer in the remote cliente I got timeout with the echo replay, I need to do the next connection

Server --> FW-1 --> EXTRANET --> FW --> client
| |
+----- INTERNET ------+

When:
FW-1 is the cluster firewall Checkpoint
FW is some firewall
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
300
GeorgeAlba
GeorgeAlba
barbastica
  • Locked
  • Question
Ipfiter problems with RedHat
Replies
0
Views
148
barbastica
barbastica
tanlccc
  • Locked
  • Question
Newbie here!! About ACL issue
Replies
4
Views
227
UltraZero
UltraZero
coopermarsh
  • Locked
  • Question
problems with Drop Code: 182, Module Id: 21 with ping traffic over VPN
Replies
0
Views
149
coopermarsh
coopermarsh
handle2110
  • Locked
  • Question
Problems IPSEC client to other network
Replies
0
Views
142
handle2110
handle2110

Part and Inventory Search

Sponsor

Back
Top