This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASL 4.0 and Checkpoint

Well, Got a problem with VPN. I'm trying to set up a VPN with FW-1 NG FP3 and ASL4.0. All encryption is set the same, no PFS. Accoring to the Checkpoint logs, its passing both phase one and two, and is encrypting the outgoing packets from the checkpoint network. If I try to FTP from the checkpoint network into the ASL network, everything works fine and I make the connection. If I try to initiate an FTP connection from the ASL network to the Checkpoint network, it times out.
I'm new to ASL, and am not sure exaclty where to begin troubleshooting. It sound like a simple issue since traffic can pass one way, but I'm unsure where to begin.
Please help!

This thread was automatically locked due to age.

Parents

0 oliver.desch over 22 years ago

Sgt_B,

sounds like missing packet filter rules. On both sides are filters
needed which allow traffic from left to right and vice versa.

read you
o|iver
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 oliver.desch over 22 years ago

Sgt_B,

sounds like missing packet filter rules. On both sides are filters
needed which allow traffic from left to right and vice versa.

read you
o|iver
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Sgt_B over 22 years ago in reply to oliver.desch

Packet filter rules are in place on both devices to allow traffic from one to the other. IKE is allowed between the gateways. I'm not seeing dropped packets in either of the devices' logs either. One side works, but the other doesn't. Very confusing. Would NAT have anything to do with it? On the ASL, I've got a NAT rule stating:
"LAN -> Any/Any External_Int"
The FW-1 VPN LAN is not using NAT (clients go through proxy and proxy is NATed)
If this is the issue, then how can I resolve this as I need to NAT my ASL LAN for internet access?
Cancel
Vote Up 0 Vote Down

Cancel