Thread: B2B VPNs and NAT to Public IPs
View Single Post
  #3 (permalink)  
Old 2006-09-21
RobertGraham RobertGraham is offline
Senior Member
  
Join Date: 2006-02-02
Posts: 204
Rep Power: 3
RobertGraham has an average reputation (10+)
Send a message via MSN to RobertGraham Send a message via Yahoo to RobertGraham
Default Re: B2B VPNs and NAT to Public IPs
OHHHHH! Now I get it. Somehow when I first looked at this post, I didn't understand what they wanted to do. It must be the old skool ASCII diagrams that remind me of the old RFCs - they scare me. Nevermind....


There can be some problems with this though. As northlandboy stated, assuming they are initiating connections to your side and not the other way around, it's no big deal and everyone's happy. Just be aware for the future - it won't really scale.

Incidentally, this is poor practice on their side as Check Point's philosophy is that the firewall should be invisible (stealthful). Their firewall IP will show up in the logs of all the machines they connect to on your side. This may or may not be significant depending upon the beholder's security practice beliefs. Either way, it's not really your problem.
Reply With Quote