SecuRemote vpn connection

[suderman]

Hello All !

It's my first post so I'm not sure it's a good place to put here a post like this.

I was trying to setup vpn connection with my Checkpoint NG R55 using SecuRemote client.

All Checkpoint's interfaces are private addresses so to connect from outside
NAT is performed on Cisco Router which serves as gateway to internet and one of it's interfaces is public.
The router is Cisco 832 SOHO Router.

Here's how it looks like:
I connect to public interface of the router with SecuRemote client.
The client is connecting to Firewall then I have a window asking for username and password but when client is exchanging keys with firewall nothing happens and I have a error that Communication failed.

on Checkpoint's side all is ok. I've setup a Remote access community, group, users, rules, ...
When I connect from internal network everything is fine
so I suppose problem is on Cisco Router - especially NAT configuration

Should I forward some ports to external clients ?
if yes which one ?

I've tried with forwarding udp-500 (IKE), tcp-264 (fw1_topo) ...
but it didn't help

any ideas and suggestions appreciated.

Thank You

 

[watchguardmonkey]

50, 500, 259, 264, 18234, 18231, 18233, 2746, 65524 ESP, IKE-UDP/TCP, UDP-FW1-RDP, TCP-FW1-topo, UDP-tunnel test, TCP-FW1-pslogon-NG, UDP-FW1-scv-keepalive, UDP-IPSEC-encapsulation, TCP-fw1-sds-logon

these ports must be mapped through to the FW.