Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] FWZ1 and Protocol94

To: <[email protected]>
Subject: RE: [FW1] FWZ1 and Protocol94
From: "Steve R" <[email protected]>
Date: Mon, 20 Nov 2000 15:43:27 +1300
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: <[email protected]>
Sender: [email protected]

Ahem,

Well seeing as I've managed to answer my own question by actually paying
attention to what I'm reading. I'll retract this one and concentrate more on
why I can't seem to get the encrypted authentication traffic through my
Firewall.

Cheers,

SteveR
>
> Hi all,
>
> I have a question regarding how SecurRemotes encryption
> works, I have this
> from phoneboy.com:
> SecuRemote allows "encrypted" access between a Win9x/NT machine and a
> FireWall-1 firewall. SecuRemote uses one of three methods to
> exchange keys
> and encrypt data, depending on what you choose:
> FWZ without encapsulation: Uses FWZ1 or DES to encrypt the
> packets. Only the
> data portion of the packet is encrypted. The IP headers are
> left alone.
> FWZ with encapsulation: Same as above, except packets are
> encapsulated in IP
> Protocol 94 packets.
> ISAKMP (available with FireWall-1 4.0 and later): Allows for
> DES or 3DES to
> be used to encrypt the packets. Packets are encapsulated in
> packets of IP
> Protocol 50 and 51 (i.e. those used for IPSEC)
>
> With regards to the encapsulation options, If I'm using FWZ without
> encapsulation, does this mean the traffic is not being sent
> via protocol 94?
> and is simply encrypting the traffic and sending it via the
> applications own
> ports?
> The reason being is I have a firewall which wont pass protcol
> 50 or 94, but
> I want to run a SecurRemote client from behind it.
>
> SteveR
>
>
>
>
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] FWZ1 and Protocol94
  - From: "Steve R" <[email protected]>

Prev by Date: [FW1] Nokia Throughput
Next by Date: [FW1] Re: Linux module issues for FW-1
Previous by thread: [FW1] FWZ1 and Protocol94
Next by thread: [FW1] [FW-1] Important Files to know
Index(es):
- Date
- Thread