PDA

View Full Version : Routing through a Checkpoint Client VPN

Nick Djurovich
09-20-2006, 02:05 PM
Hi,

I work from home using CheckPoint SecureClient VPN software to connect to my
work. I use it in Office mode which assigns me an IP on the work domain,
with DNS/DHCP settings on the connection.

At home i have a LAN behind a linksys router using the address range
192.168.8.x. The router is located at 192.168.8.12. There are about 5
machines on the lan, one of which is a server (win2k3).

Instead of running checkpoint on the machine that requires access (eg my
home machine) i was thinking of running checkpoint on the server and then
routing traffic through the VPN using RRAS.

I was thinking of doing something like this -

Internet
|
Router
|
|---------PC 1
|---------.....
|---------PC 4
|
--------nic1-- win2k3 server --nic2-------- laptop

So have two nics on the win2k3 server, one to the router and one to the
laptop. The idea is that when i fire up my laptop, the domain is accessible.
as opposoed to doing a domainless logon, and then firing up the client and
getting connected to the domain. (hope that makes sense).

Anyway, i'm at a loss in setting the TCP/IP settings for nic2 and the laptop
nic, and also how to set up routing across different subnets.

The work domain is on 10.53.x.x.

Is this the route (no pun intended) i should be taking or can/should it be
done another way.

Cheers

Nick
Kadir [MSFT]
09-22-2006, 08:39 AM
This setup will not work as it is, as the traffic from your office will not
be able to reach the laptop's address. There should be some form of NAT (or
some setup similar to Internet Connection Sharing) in order for that
(CheckPoint) connection so that the laptop can make use of it.

Thanks
Kadir [MSFT]

--
RRAS blog: http://blogs.technet.com/rrasblog

[This posting is provided "AS IS" with no warranties, and confers no
rights.]

"Nick Djurovich" <nickdjurovich@nospam.ntlworld.com> wrote in message
news:m0bQg.28678$cx.3497@newsfe1-gui.ntli.net...
> Hi,
>
> I work from home using CheckPoint SecureClient VPN software to connect to
> my work. I use it in Office mode which assigns me an IP on the work
> domain, with DNS/DHCP settings on the connection.
>
> At home i have a LAN behind a linksys router using the address range
> 192.168.8.x. The router is located at 192.168.8.12. There are about 5
> machines on the lan, one of which is a server (win2k3).
>
> Instead of running checkpoint on the machine that requires access (eg my
> home machine) i was thinking of running checkpoint on the server and then
> routing traffic through the VPN using RRAS.
>
> I was thinking of doing something like this -
>
> Internet
> |
> Router
> |
> |---------PC 1
> |---------.....
> |---------PC 4
> |
> --------nic1-- win2k3 server --nic2-------- laptop
>
> So have two nics on the win2k3 server, one to the router and one to the
> laptop. The idea is that when i fire up my laptop, the domain is
> accessible. as opposoed to doing a domainless logon, and then firing up
> the client and getting connected to the domain. (hope that makes sense).
>
> Anyway, i'm at a loss in setting the TCP/IP settings for nic2 and the
> laptop nic, and also how to set up routing across different subnets.
>
> The work domain is on 10.53.x.x.
>
> Is this the route (no pun intended) i should be taking or can/should it be
> done another way.
>
> Cheers
>
> Nick
>