Remote Site

[djdani]

Hi there I am new in this forum
I have a problem that I need help for
I have my main Office Net & 2 additional sits that I connect them to my network via IPVPN device that connect directly to my network

In My Office Network I have The Checkpoint NGX R60
For example this is my network 10.0.0.1 with the subnet of 255.0.0.0 my getwae is 10.0.0.1
The getaway is nut my firewall
The getaway is my eSafe 10.0.0.1
& the getaway to my eSafe is The Firewall

And My IPVPN that is connected to my network has the IP OF 10.0.0.254 Subnet
255.0.0.0 Getaway 10.0.0.1

My First site ip is 10.0.1.0 subnet 255.0.0.0 getaway 10.0.0.254 Act As DHCP
The second site ip is 10.0.2.0 subnet 255.0.0.0.getway 10.0.0.254 Act as DHCP

The Esafe Getaway have route to the sits to allow me remote access
If needed

So far everything is working fine the clients from both sits can log on to my DC and get everything from my network
And So Can I
The problem is to allow the clients internet access
How do I configure the firewall to do that

[lammbo]

The first thing you need to do is get rid of the 8 bit mask on 10.x.x.x. as 10.0.1.0/8 is in the same network as 10.0.2.0/8. I HIGHLY recommend reducing the size of those subnets to a size more appropriate to the number of hosts residing in each subnet. If you manage both sites, your first step should be reducing those to eliminate subnet overlap. SecureClient/SecureRemote will not route properly with this overlap.

[MarioL]

Very true, you really need to work on improving the way you are currently using the address space.

Regarding Internet access, while connected, the users can either access the Internet directly or route the traffic through the gateway. Both require diferent configs.

[djdani]

Thanks for the reply but I manage to solve the problem