[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] SecuRemote requires accept fw-1 control connections on v4.1 but not v4.0
However on Firewall-1 v4.1, I find that I need to select "accept VPN-1 & Firewall-1 control connections" in the policy properties. I cannot seem to get SecuRemote to work by using specific rules in the rulebase. I have tried the following two rules without success: a) Src: Any Dst: Firewall Svc: FW1, FW1_key, FW1_topo, RDP Act: Accept Trk: Long b) Src: SecuRemote-Client Dst: Firewall Svc: Any Act: Accept Trk: Long Src: Firewall Dst: SecuRemote-Client Svc: Any Act: Accept Trk: Long In both cases, I also had the appropriate client encrypt rules present. The symptoms I see are that I can add the Firewall "site" OK, and the authentication dialog box appears. However authentication fails with "communication failed" message. Allowing "accept VPN-1 & Firewall-1 control connections" in the policy properties makes SecuRemote work fine. Does anyone know what has changed from V4.0 to V4.1 regarding SecuRemote that causes this? Is it possible to allow SecuRemote with just rules in the rulebase and not with "accept VPN-1 & Firewall-1 control connections" in the policy properties? I'm using Firewall-1 v4.1[DES] SP1 on Windows NT 4.0 SP5. SecuRemote is v4.1 [DES] on Win-95. I am using DES encryption, MD5 integrity and FWZ key exchange. Roy Hills -- Roy Hills Tel: +44 1634 721855 NTA Monitor Ltd FAX: +44 1634 721844 14 Ashford House, Beaufort Court, Medway City Estate, Email: [email protected] Rochester, Kent ME2 4FA, UK WWW: http://www.nta-monitor.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|