![use a checkpoint firewall as a router on a stick use a checkpoint firewall as a router on a stick](https://eenews.cdnartwhere.eu/sites/default/files/styles/inner_article/public/sites/default/files/images/2020-09-29-viavi.jpg)
!- Enable authentication, authorization and accounting (AAA) !- for user authentication and group authorization. They are RFC 1918 addresses which have been used in a lab environment. Note: The IP addressing schemes used in this configuration are not legally routable on the Internet. Note: Use the Command Lookup Tool ( registered customers only) to obtain more information on the commands used in this section.
![use a checkpoint firewall as a router on a stick use a checkpoint firewall as a router on a stick](https://journeyofthegeekcom.files.wordpress.com/2021/07/app-svc-lab.png)
In this section, you are presented with the information to configure the features described in this document. Refer to the Cisco Technical Tips Conventions for more information on document conventions. If your network is live, make sure that you understand the potential impact of any command. All of the devices used in this document started with a cleared (default) configuration. The information in this document was created from the devices in a specific lab environment. The information in this document is based on these software and hardware versions:Ĭisco Router 3640 with Cisco IOS® Software Release 12.4 There are no specific requirements for this document. This IP addressing scheme helps you to troubleshoot your network.
![use a checkpoint firewall as a router on a stick use a checkpoint firewall as a router on a stick](https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/49709.png)
Note: In order to avoid the overlapping of IP addresses in the network, assign the entirely different pool of IP addresses to the VPN Client (for example, 10.x.x.x, 172.16.x.x, .x). Refer to PIX/ASA 7.x and VPN Client for Public Internet VPN on a Stick Configuration Example in order to complete a similar configuration on a central site PIX Firewall. This allows the Internet traffic to be port address translated (PATed) to the outside world. In order to achieve this, configure the policy map in the router to point all the VPN traffic (Cisco VPN Client) to a loopback interface. This setup applies to a specific case where the router, without enabling split tunneling, and Mobile users (Cisco VPN Client) can access the Internet via the central site router.
#Use a checkpoint firewall as a router on a stick how to#
This document describes how to set up a central site router to perform IPsec traffic on a stick.