User guide

Connectivity

794 Check Point Safe@Office User Guide

I am using the Safe@Office appliance behind another NAT device, and I am having problems

with some applications. What should I do?

By default, the Safe@Office appliance performs Network Address Translation (NAT). It is

possible to use the Safe@Office appliance behind another device that performs NAT, such

as a DSL router or Wireless router, but the device will block all incoming connections

from reaching your Safe@Office appliance.

To fix this problem, do ONE of the following. (The solutions are listed in order of

preference.)

• Consider whether you really need the router. The Safe@Office appliance can be

used as a replacement for your router, unless you need it for some additional

functionality that it provides.

• If possible, disable NAT in the router. Refer to the router’s documentation for

instructions on how to do this.

• If the router has a “DMZ Computer” or “Exposed Host” option, set it to the

Safe@Office appliance’s external IP address.

• Open the following ports in the NAT device:

• UDP 9281/9282

• UDP 500

• UDP 2746

• TCP 256

• TCP 264

• ESP IP protocol 50

• TCP 981

I cannot receive audio or video calls through the Safe@Office appliance. What should I do?

To enable audio/video, you must configure an IP Telephony (H.323) virtual server. For

instructions, see Configuring Servers on page 397.

I run a public Web server at home but it cannot be accessed from the Internet. What should I

do?

Configure a virtual Web Server. For instructions, see Configuring Servers on page 397.