I checked the firewall's logs and can see UDP4500 being sent, but the controller doesn't get that far when I check the controller's logs.

Does anyone know if there's something different you need to do when the controller is behind a firewall with NAT? Is this checkpoint being funny? (I enabled any port on the rule to see and it still has the same behaviour). Let's start with Checkpoint firewall route based vpn configuration Step 1- Create a VPN Community There are two types of VPN topology in Checkpoint 'New Star Community' and 'New Meshed. It negotiates UDP500; the next part of this VPN should then be UDP 4500, but the controller never sees that phase. I can see traffic coming through, but when the controller starts to negotiate the traffic through UDP 4500 it fails and does not progress to this stage. The checkpoint firewall is set to allow UDP&TCP 500/4500 - so should be all the IKE ports. This is having traffic hit the public IP; Checkpoint NATs this to an internal address which the controller has. Setting up a remote VPN solution using a 7210 controller (working to Clearpass).

For security reasons, I have placed the controller behind a firewall.