Has anyone got any insight into the IP routing trap you get into when you manually set the IP on an IPSec client from behind a SOHO NATed router? If you follow the setup in the NCP client document for certificate connections the client will connect to the FW but the routing is buggered up. The default GW ends up being your manually set IP + 1.
I've tried a number of different configurations including setting up a truth table for location, static vs dynamic IP, ID and IP type, working both sides. I can get the client to work but in a limited way.
There must be something I'm doing wrong on the FW side and it may have something to do with my remote key management but I don't know at this point.
BTW - I've RandRandRTM... I'm also running V4 of the FW.
This thread was automatically locked due to age.