Trying to help a client get his checkpoint vpn users through a PIX firewall. No nat'ing on the pix, access-lists allow esp and isakmp passthrough. Any thing else you can think of?
Actually you don't have to do anything on the Pix firewall if the Checkpoint FW also VPN via UDP encapsulation (i.e. udp port 2746). I am using SecureRemote behind a Pix FW (running version 6.3.3) via "hide" NAT connect to a Checkpoint NG Feature Pack 3 with HFA323 and it works just fine.
