SMA1000:When both IPv4 and IPv6 are enabled for the network interface, the first few connection attempts fail, but everything works fine after that.This VPN connection type is supported on iOS, macOS, and Windows devices only.SMA100:After upgrading to 10.2.1.7, began receiving nonstop alert emails stating "WAF threat prevented:.As a result, the ARP entry for the external IP address must be added manually within the Nokia Voyager interface.įinally, a traffic or policy rule is required for all traffic to flow from the Internet to the SonicWall SSL-VPN.Īgain, should the SonicWall SSL-VPN be located on a secure segment of the Check Point firewall, a second rule allowing the relevant traffic to flow from the SonicWall SSL-VPN to the internal network will be necessary.Įxcerpted from SSL-VPN 2.1 Administrator’s Guide Related Articles If running Check Point on a Nokia security platform, Nokia recommends that users disable this feature. This feature will automatically add an ARP entry for a secondary external IP address (the public IP address of the SonicWall SSL-VPN).
This route will send all traffic from the public IP address for the SonicWall SSL-VPN to the internal IP address. Most installations of Check Point AIR55 require a static route. Clicking OK will automatically create the necessary NAT rule shown below. The translation method to be selected is static. Here you will enter the external IP address (if it is not the existing external IP address of the firewall). Next, select the NAT tab for the object you have created.Ĭheck Point NAT Properties Dialog Box Image Should you decide to locate the SonicWall SSL-VPN on a secure segment (sometimes known as a demilitarized zone) then subsequent firewall rules will have to pass the necessary traffic from the secure segment to the internal network. The object is defined as existing on the internal network. This is done under the file menu “Manage” and “Network Objects”.Ĭheck Point Host Node Object Dialog Box Image The first thing necessary to do is define a host-based network object. Setting up a SonicWall SSL-VPN with Check Point AIR 55
0 kommentar(er)
