Checkpoint SecuRemote behind a router

[lengoo]

Dear All,
I have a couple of PCs behind a Cisco router which have SecuRemote loaded.. however, it is not possible to get SecuRemote to work behind the router... I am not sure what rules/access lists I need to put in to allow this. Does anyone have any idea?
The only way I can get this to to work currently is to initiate a separate dial up connection from the PC.. that works.
I have seen this working behind a router in this configuration but I have no idea.. please help!!
Ta

 

[sajithmohd]

Hi,
Ensure if it works normally when you dial-up and connect to the Internet.. Just to eliminate possiblities of ISP blocking ports etc..

If connecting behind the router is the only problem then this might be of help.. check it out..

These port need to be open or allowed explictly in the Cisco routers ACL.. to allow Secure Client NG?

- TCP/264 (Topology Download)
- IKE
- IPSEC and IKE (UDP on port 500)
- IPSEC ESP (IP type 50)
- IPSEC AH (IP type 51)
- TCP/500 (if using IKE over TCP)
- UDP 2746 or another port (if using UDP encapsulation)
- TCP 18234 tunnel test (determines wheteher to use NAT traversal)
- TCP 259 RDP used to calculate peer gateway in MEP configurations

SecureClient specific connections:
- FW1_scv_keep_alive (UDP port 18233) - used for SCV keep-alive packets
- FW1_pslogon_NG (TCP port 18231) - used for SecureClient's logon to Policy Server protocol
- FW1_sds_logon (TCP port 18232) - used for SecureClient's Software Distribution Server download protocol