[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Problem with SecuRemote-Connection to Encryption Domain
Hi, I hope this is an easy one and I'm just overlooking something. I have a SecuRemote client configured and it can fetch the topology of the encryption domain. in my experimental rulebase I have two rules: securemote-test@any any HTTP->CVP-Resource client-encrypt securemote-test@any encryption-dom telnet client-encrypt The first rule enables the client to set the firewall up as its http-proxy and thus use the CVP server for content security. This works fine. The second rule should allow telnet access to one host behind the firewall. This host, pluto, has a 192.168. range address and static NAT to a official address. Both addresses apear in the userc.c files. Now, when I try to telnet to pluto, regardless which address used, I can see the following in the firewall log file Action Service Source Destination Rule User authcrypt 62.124.21.165 1 test authcrypt 62.124.21.165 2 test drop telnet 62.124.21.165 pluto 25 Rule 25 is the last drop all rule According to the "manual" rule 2 should be enough to enable the telnet access from the authorized client to pluto. What am I missing here??? Any comments and hints and of course solutions :-) are highly appreciated. Kind regards, Jörg // pallas GmbH ............ Joerg Oertel ........... Hermuelheimer Str. 10 System engineer D-50321 Bruehl, Germany [email protected] phone +49-(0)2232-1896-0 http://www.pallas.de fax +49-(0)2232-1896-29 ........................................................ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|