Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115

To: [email protected]
Subject: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115
From: [email protected]
Date: Thu, 28 Sep 2000 12:22:22 -0400
Cc: [email protected]
Sender: [email protected]

Is this via Securemote or internal access going through the firewall?

Have you utilized the split dns document at www.checkpoint.com/~joe ?

If you are speaking about getting from your internal site (10.x.x.x or
equivalent) and lets say you have a web server on your external side thats
200.200.200.200 which is also natted to 10.1.1.2

If you use NetBIOS resolution, you get to the server with an internal IP
address.

If you try to get to the actual host, www.yourserver.com which is located at
200.200.200.200, there will be a problem. 

This is because the firewall always assumes it is between a host and a end
server). 

It has to do with routing and NAT.

The short answer is that you should have an internal dns for your internal
hosts, and an external dns to resolve outside. Hopefully you don't currently
have wins being dumped into dns, and external users can resolve EVERY host.

Phoneboy has a write-up on this:

Write back if you have any issues.


-----Original Message-----
From: Bob Bisignani [mailto:[email protected]]
Sent: Thursday, September 28, 2000 12:06 PM
To: [email protected]; [email protected]
Subject: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115


Thomas,
      We had problems with DNS not working, e.g., I could get to a web 
server (Intranet site) if I used the netbios name (wins may have been 
working) but not when using the CNAME (DNS name).

      Thanks for your help and response.

Bob


>From: [email protected]
>To: [email protected]
>Subject: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115
>Date: Thu, 28 Sep 2000 08:51:26 -0400
>
>I've found that even 4005 with fwz is ok. I;ve seen more issues with IKE.
>
>Thomas
>
>-----Original Message-----
>From: Bob Bisignani [mailto:[email protected]]
>Sent: Wednesday, September 27, 2000 10:21 PM
>To: [email protected]
>Subject: [FW1] VPN-1 SP2 & SecuRemote Version 4115
>
>
>
>      Has anyone upgraded to version 4.1 SP2 on VPN-1 while still using the
>old client 4115 using FWZ?
>
>      Thanks
>
>Bob
>_________________________________________________________________________
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>
>
>
>===========================================================================
=
>====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>===========================================================================
=
>====

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.


begin 600 FireWall-1 FAQ- Can't Talk to Translated IP from Internal Net.url
M6TEN=&5R;F5T4VAO<G1C=71=#0I54DP]:'1T<#HO+W=W=RYP:&]N96)O>2YC
M;VTO9G<Q+V9A<2\P,3<Y+FAT;6P-"DUO9&EF:65D/3DP-D9$0S9#-C<R.4,P
&,#$Y.`T*
`
end


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] DSL and Secure remote
Next by Date: [FW1] Log Processing
Previous by thread: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115
Next by thread: RE: [FW1] VPN-1 SP2 & SecuRemote Version 4115
Index(es):
- Date
- Thread