The PhoneBoy Blog


Simplifying Telecom, Mobile Phones, Gadgets, and More!

FireWall-1 FAQ: Secure Client from Behind a Proxy Server

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.


I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.


If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)


NG with Application Intelligence supports a mode where you can tunnel through a standard HTTPS proxy.

SecuRemote NG FP3 and prior is generally not supported through a proxy server. However, I theorize it will work if UDP Encapsulation is used with IKE. However, you have to figure out how to get the proxy server to intercept the communication to the Internet, not to mention the TCP-based topology fetch on port 264.

C-List #Cybersecurity Celebrity, Podcaster, #noagenda Producer, Frequenter of shiny metal tubes, Expressor of personal opinions, and of course, a coffee achiever.