We have a company which use the Pix as VPN Server. Now we have to connect an internal PC to CheckPoint FW with the SecureRemote Client.
We sniffered the intern and extern site of the Pix with following results:
the client update to the remote site is ok; we see
IKE pakets inside in both directions.
If we try a ping to a remote server , icmp is encapsulated in UDP with dest 2746, the reply reaches the outside of the PIX but not to the inside.
For testing we opened the access-lists but with no success.
Any suggestions ?