[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Question about the whole SecuRemote/NAT Issue

To: "'Jarrett Goetz'" <[email protected]>, "'[email protected]'" <[email protected]>
Subject: RE: [FW1] Question about the whole SecuRemote/NAT Issue
From: Frank Darden <[email protected]>
Date: Tue, 5 Sep 2000 19:46:14 -0400
Sender: [email protected]

It is much more effective and easy to upgrade to 4.1 SP2, and SecureClient 4165. This configuration allows SecuRemote to operate behind a NAT device.

Frank

-----Original Message-----
From: Jarrett Goetz [mailto:[email protected]]
Sent: Tuesday, September 05, 2000 2:43 PM
To: '[email protected]'
Subject: [FW1] Question about the whole SecuRemote/NAT Issue
Importance: High

I have a quick question about a solution I have been reading in many places in relation to the dreaded and aggravating SecuRemote and NAT issue that many people are having. In the following Phoneboy FAQ [http://www.phoneboy.com/fw1/faq/0141.htm], it talks about the :userc_NAT (true), :user_IKE_NAT (true), and for SecurRemote the :force_udp_encapsulation (true) variables. These are very straightforward. Then there is the other thing it says to add:

:isakmp.udpencapsulation (
        :resource (
                            :type (refobj)
                              :refname
                                           ("#_VPN1_IPSEC_encapsulation")
               )
                :active (true)

)

I have read in many places that it says to add it to the "gateway section" of the objects.C. Would this mean the firewall object itself? Or should it go somewhere else?

Can someone please tell me exactly where this should go?

Thanks all for your time.

Jarrett

Prev by Date: [FW1] Authentications per second
Next by Date: RE: [FW1] Destination Net Unreachable - local interface
Prev by thread: [FW1] Question about the whole SecuRemote/NAT Issue
Next by thread: RE: [FW1] Question about the whole SecuRemote/NAT Issue
Index(es):
- Date
- Thread