YES, i was in the wrong forum, i have moved my question zo the VPN forum:


ist it possible to connect to a bm38 in a DMZ, the internet firewall is an
cp1, and there is a dmz , so we want to insert the BM3.8 in the dmz, he
should work for VPN access.

the bordermanager should have only on nic, that is standing in the DMZ.

should i configure the cpfw1 to NAT to the bordermanager in the DMZ to
make a VPN access possible, now so i must configure the cpfw1 too to allow
VPN Connect to the PRIVATE net too.

can i give the BM ( working only loke VPN Server ) 3 IP adresses, one for
NAT ( public site ) one for DMZ ( Nat to CPFW1 Private site ) and one for
the VPN Tunnel? all three IP adresses on one NIC ?

must the whole firewall installation to be done on the bordemanager, or
only a vpn server installation to be done on the server ?

the server should allowed twenty connections for notebooks from the
internet to connect to the intranet.

any ideas



did anybody know, with port to configure, to allow the traffic ?

1. bordermanager in DMZ after CPFW1 ( chekpoint firewall1 )

a. access the vpn server from the internet
b. allow authentication etc
c. something else ?

2. comunication for the bordermanager to the intranet ( private site )

a. cominucation to the eDirectory, and other servers
b. comunication for the clients or VPN Tunnel from the clients to the
Private site ...
c. somthing else ?

or ist it not possible to use the bordermanager for somthing like that ?
can i use one nic for the DMZ configuration?