User`s guide
Release Notes Inter-operability with Third-Party VPN Gateways
Release 3.5 Enhanced Support for VPN Clients
Rel. 3.5 Release Notes Page 25 of 30
Connecting to the Checkpoint 4.1 Firewall
This sample configuration demonstrates how to create an IPSec tunnel with pre-
shared keys between two private networks: a private network inside the ANG-1102
(192.168.1.1) and a private network inside the Checkpoint (10.120.54.x).
Hardware and Software Versions
! Checkpoint 4.1 Firewall
! ANG-1102 - V3.5 - Build166
Perform the following steps to configure the ANG-1102 and Checkpoint 4.1 Firewall.
ANG-1102
1. Select VPN Setup.
2. Enter the name of the tunnel - (reference only).
3. Enter the External Interface Address for the Nokia (146.115.206.31) - Tunnel
End Point.
4. Enter the Preshared Key or password for the tunnel.
5. Select Peer-to-Peer Mode.
6. Enter the Private Network Address/ Mask for the Checkpoint device
(10.120.54.0/24).
7. Select to Startup.
8. Click to Save/Apple.
Checkpoint 4.1 Firewall
1. Select Properties > Encryption and enter new values if necessary.
– Set the Checkpoint lifetimes to agree with the ANG1102 defaults. The IKE
lifetime is 86400 seconds =1440 minutes, IPSec lifetime = 28800 seconds).
2. Enter a Network Object for the Checkpoint Private Address. Select Manage >
Network objects > New (or Edit) > Network.
– Enter the name of the Network Object (Reference Only).
– Enter the Private Address/Mask of the Checkpoint network. This should
be same as the Private Address set on the ANG-1102.
– Set the location = internal.
3. Enter a Network Object for the Checkpoint. Select Manage > Network objects
> Edit.
– Enter the Gateway Tunnel Endpoint of the Checkpoint (146.115.206.31).
– Set the Location = Internal, Type = Gateway.
– Select VPN-1 & Firewall -1 check box under Modules.
– Select the Management Station Check Box.