Checkpoint vpn, Secureremote vpn – SMC Networks Barricade SMC2404WBR User Manual

Ø

CheckPoint VPN

§

Update firmware to latest version, reset to defaults.

§

Try forwarding ports 256, 564, and 500, in the Virtual Server

screen of the Barricade.
§

There also may be a "Use Through NAT Transparency Mode",

"Use through Firewall", or similar setting in the client software; if
so, select it.
§

Open port 500 in the "Virtual Server" screen of the Barricade

section and try again.
§

Set your computer up as the DMZ host under the "Misc Item"

section in the Barricade.
§

Try hard setting the MTU level to 576 and try again. This can

be done ether in the client software, the registry, or by a third party
program.
§

If you have tried all suggestions above and you are still unable to

use your VPN through the Barricade, then you will need to refer to
the VPN software developer for additional assistance.

Ø

SecureRemote VPN

§

This application commonly uses IP Security so you will need to

open port 500 as stated before.
§

UDP Encapsulation Mode enables IKE/IPSec Secure Remote

users to traverse Network Address Translation devices, firewalls and
other devices that fail to handle IPSec packets. It also enables more
than one Secure Remote user to work with IPSec behind a port-
mapping NAT device, also known as dynamic NAT, (e.g., FireWall-
1 Hide NAT mode) with the same VPN-1/SecuRemote/SecureClient
gateway.
§

This is achieved by encapsulating IPSec packets inside UDP

datagrams. This option is negotiated in IKE. VPN-1/SecuRemote/
SecureClient supports this feature only in IPSec ESP mode (AH is
not supported).