Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

VPN 2 VPN with ISA 2004 and Checkpoint?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN 2 VPN with ISA 2004 and Checkpoint? Page: [1] 2   next >   >>
Login
Message << Older Topic   Newer Topic >>
VPN 2 VPN with ISA 2004 and Checkpoint? - 5.Feb.2004 9:46:00 AM   
snojslky

 

Posts: 33
Joined: 1.Oct.2002
Status: offline 		Hi!

I have been reading the documentation for ISA 2004 and it looks like it now support "IPSec tunnel-mode"

Does this mean that it works with CheckPoint and Cisco now?

Anyone that have tested it?

Why is it so damn hard to get information about what is compatible and notą. ISA is a relatively small player in this market so isn't it in MS interest to publish/test this kind of information?

Regards

/Snoj
Post #: 1
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 5.Feb.2004 1:41:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Snoj,

Yes, they are compatible now. From what I understand, interoperability tests are going to be performed. I hope to post some step by steps here on ISAServer.org in the near future.

HTH,
Tom

(in reply to snojslky)
Post #: 2
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 5.Feb.2004 10:12:00 PM   
Jack in the Box

 

Posts: 51
Joined: 21.Mar.2001
From: Edmonton, AB, CA
Status: offline 		I can tell you that ISA 2004 VPN is definately compatible with Cisco PIX's and Linux Firewalls (Astaro Secure Linux, for example), so it should also be compatible with Checkpoint as well.

I actually have documentation showing the steps to setup ISA 2004 with both, but I am not allowed to post those documents to a public message board [Frown] .

(in reply to snojslky)
Post #: 3
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 5.Feb.2004 10:34:00 PM   
snojslky

 

Posts: 33
Joined: 1.Oct.2002
Status: offline 		All good news :-)

IĘve have jus installed it and begun playing around.

It looks very nice so far! :-)

Thanks

Snoj

(in reply to snojslky)
Post #: 4
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 12:29:00 AM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:
Originally posted by Jack in the Box:
I can tell you that ISA 2004 VPN is definately compatible with Cisco PIX's and Linux Firewalls (Astaro Secure Linux, for example), so it should also be compatible with Checkpoint as well.

I actually have documentation showing the steps to setup ISA 2004 with both, but I am not allowed to post those documents to a public message board [Frown] .
Hi Jack,

That's great! If you're not allowed to post them, can you send them to me, and then I'll post them? That way I did it, and everyone would benefit and JITB will be a Hero [Smile]

Thanks!
Tom

(in reply to snojslky)
Post #: 5
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 3:17:00 AM   
Jack in the Box

 

Posts: 51
Joined: 21.Mar.2001
From: Edmonton, AB, CA
Status: offline 		Let me find out if I can get permission to send you the documents Tom, and/or what must be done to remove any of the non-technical material in the documents that can not be distributed publically.

(in reply to snojslky)
Post #: 6
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 1:55:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Jack,

That would be great! I promise to remove anything that looks proprietary and even acknowledge your company for their valued assistance to the ISA community in the article.

If they let you, send them to tshinder@isaserver.org

Thanks!
Tom

(in reply to snojslky)
Post #: 7
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 3:58:00 PM   
Addario

 

Posts: 3
Joined: 6.Feb.2004
From: CH
Status: offline 		Hello tshinder

I'am testing the connections between the new ISA Server 2004 an CISCO PIX and other Firewalls like Checkpoint and so on. We can establish the VPN connection but we can't send any packages throught the tunnel! I've read that you have a documentation. Is it possible to recive this documentation?

Thanx for your help

C.Addario

(in reply to snojslky)
Post #: 8
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 8:25:00 PM   
Jack in the Box

 

Posts: 51
Joined: 21.Mar.2001
From: Edmonton, AB, CA
Status: offline 		I have contacted the author of the documents and he is pretty sure releasing them to the board will not be a problem. Tom, you may have even met the author, he works for Microsoft in the support centre near you. I let him know about the boards interest and he is going to contact the technical editor to get the OK to release the documents to you.

Addario, if the VPN is connecting properly make sure you create a corresponding network rule and access policy in ISA to allow the two networks to talk to each other.

(in reply to snojslky)
Post #: 9
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 8:40:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Jack,

That would be great! It wouldn't be SJ by any chance?

Thanks!
Tom

(in reply to snojslky)
Post #: 10
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 6.Feb.2004 9:30:00 PM   
Jack in the Box

 

Posts: 51
Joined: 21.Mar.2001
From: Edmonton, AB, CA
Status: offline 		Not SJ. Doesn't he post articles here every now and then? Or am I thinking of a different SJ?

Either way, not him [Wink] .

(in reply to snojslky)
Post #: 11
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 7.Feb.2004 12:26:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		[Smile] Hiya Tom. Hiya Chris. Hint, Hint, jab, jab.

(in reply to snojslky)
Post #: 12
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 7.Feb.2004 1:27:00 AM   
Jack in the Box

 

Posts: 51
Joined: 21.Mar.2001
From: Edmonton, AB, CA
Status: offline 		Heya Clint. [Wink]

(in reply to snojslky)
Post #: 13
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 7.Feb.2004 4:22:00 AM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Clint,

Hmmm. I just can't figure out who it might be [Smile]

Thanks!
Tom

(in reply to snojslky)
Post #: 14
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 9.Feb.2004 8:37:00 PM   
Guest
 I am using ISA-Checkpoint site-to-site right now, and had no problems setting it up. It worked without any problems and it looks like is stable as long as the tunnel is constantly in use. When the tunnel has been idle for a long time I freqently have to try two times before my ica or ssh connection is passed through.

(in reply to snojslky)
  Post #: 15
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 12.Feb.2004 7:42:00 AM   
ntnghia

 

Posts: 15
Joined: 18.Jun.2003
From: vietnam
Status: offline 		That great,

I think ISA2K4 is very good. but in some forum from Russia say that it is too many bug ISA2K4 can be hack easyly.

So I am try to setup a test Network with all product of microsoft product 2003.

ISA 2004 with DMZ
exchange 2003
and CA install on window 2003

in exchange 2k3 i host multidomain.
all of them working ok()

but when i using Certificate and Digital signature

only one domain can send and receive mail with Cetificate and Digital signature and the other domain is not working

- I don't know where is the bug, it occur on isa or on exchange or CA,

anyboy have experience is CA please help me.

if we use CA on email we can stop spam mail and filter virus

thanks

(in reply to snojslky)
Post #: 16
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 15.Feb.2004 6:11:00 PM   
tshinder

 

Posts: 47663
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi NT,

Is the Exchange Server on a public or private addresss DMZ segment?

Thanks!
Tom

(in reply to snojslky)
Post #: 17
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 20.Dec.2004 2:44:00 AM   
Darren Thompson

 

Posts: 146
Joined: 21.May2002
From: Perth, Western Australia
Status: offline 		Hi All,

Has anyone come up with any documentation on an ISA to Checkpoint gateway to gateway VPN ? I will soon have to implement one, and unfortuntely will have no direct control (if any) over the checkpoint, but fortunately 100% control over the ISA server...

Thanks

Darren

(in reply to snojslky)
Post #: 18
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 20.Dec.2004 5:00:00 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		CheckPoint interop is covered in the Microsoft guide at http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sitetositeipsec.mspx

(in reply to snojslky)
Post #: 19
RE: VPN 2 VPN with ISA 2004 and Checkpoint? - 20.Dec.2004 7:08:00 AM   
Pirya

 

Posts: 2
Joined: 19.Dec.2004
From: California
Status: offline 		Use this document i have confugerd IPsec tunnels between checkpoint and ISA 2004 firewals
But I can able to access from ISA end to checkpoint end. wise versa NOT working.
Tom said some suppernetting issue in checkpint,i don't know what to confure in checkpont firewall

CP - Checkpoint firewll NG R55
ISA 2004 SE.

Priya

(in reply to snojslky)
Post #: 20

Page:   [1] 2   next >   >> << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN 2 VPN with ISA 2004 and Checkpoint? Page: [1] 2   next >   >>
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts