NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SR over @HOME connection (See Notice Below)




I am running 4.1SP2 (upgraded from 4.0SP4) and I have 4 users with
SecuRemote running through a Linksys.  This is what I did to get them to
work.

Upgraded the Linksys firmware to 1.35 or higher
Enabled IPSec passthrough on the Linksys
Setup port forwarding on the Linksys to forward 50-51, 500, 256,259,264 to
the PC w/SecuRemote
switched the key schemes for the users to IKE

SR versions 4.157 and 4.165 were used.

Keith White



                                                                                                                                           
                    Andy David <[email protected]>                                                                                        
                    Sent by:                                    To:     "FW-1 List (E-mail)" <[email protected]>    
                    [email protected]        cc:                                                                        
                    kpoint.com                                  Subject:     RE: [FW1] SR over @HOME connection (See Notice Below)         
                                                                                                                                           
                                                                                                                                           
                    11/02/00 03:21 PM                                                                                                      
                                                                                                                                           
                                                                                                                                           




And just as a an added thought.
When I did a clean install of 4.1 Sp2 on the backup firewall, I had no
problems accessing with SR via my DSL.
However, when I upgraded from 4.0 to 4.1 SP2 on the production box, I wasnt
able to with the exact same rules and setup as the backup firewall.(
Believe
me I double checked!)
After removing 4.0 and doing a clean install of 4.1 on the prod box and
recreating everything, I was able to then again use the DSL with SR.

I was never to isolate the reason why and since it worked, it didnt really
matter at the time.


Andy David
J. Muller International / Egis, Inc.




-----Original Message-----
From: Reynolds, Tom [mailto:[email protected]]
Sent: Thursday, November 02, 2000 2:34 PM
To: '[email protected]'; Joe Delsol
Cc: FW-1 List (E-mail)
Subject: RE: [FW1] SR over @HOME connection (See Notice Below)



Hi all,

We were recently able to resolve this same issue with DSL and the NAT and
LinkSYS router.  What I came to realize from the logs was that the firewall
was issuing a KEY INSTALL to one address (the routers valid address) and
then traffic tried to come in from the host (NATed address).  That wasn't
going to work.  We had the client turn off NAT, use a valid internet
address, install a personal firewall, and all worked.

Sorry I can't be more specific about the LinkSYS config.  I only needed to
get the VPN working, not start troubleshooting DSL and NAT issues.

If you need to work it out with NAT, Phoneboy.com had some info about
LinkSYS and NAT and DSL.  Good Luck.

Tom Reynolds, MCSE, CCNA
_________________________
Pilgrim Baxter and Associates
Network Security and Engineering
825 Duportail Rd.
Wayne, Pennsylvania [email protected]


-----Original Message-----
From: [email protected]
[mailto:[email protected]]
Sent: Thursday, November 02, 2000 1:12 PM
To: Joe Delsol
Cc: FW-1 List (E-mail)
Subject: Re: [FW1] SR over @HOME connection (See Notice Below)




DSL is not support by Checkpoint. It works sometimes and sometimes it does
not.




Joe Delsol <[email protected]> on 11/02/2000 12:46:29 PM

To:   "FW-1 List (E-mail)" <[email protected]>
cc:    (bcc: Gail Hulse/DEWEY)
Subject:  [FW1] SR over @HOME connection





Is anyone able to do this?
I had two users try last night and they had different results.. The first
could get Authenticated, but the second was prompted for the
USERid/password
and then was not able to reach the server.. The person that did get
Authenticated was not able to get any packets to the site after the
Authentication.

The known difference between the two users is that the one that did get
Auth. has a linkSYS DSL/Cable broadband router doing NAT.

We do have SR working from behind NAT over DSL.

Any ideas?
Thanks!
     Joe
If you want to send direct to me, I'll keep your post off the list.



============================================================================

====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================

====


================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================







================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.