Re: [FW1] encryption being denied

["Robert MacDonald" <rmacdonald@FW1-NOSPAMgfs.com>]

Kristin,

We're talking about fw1 v4.1 right?

Can you create/update each site from the fw
manager? Do you have rules that allow RDP for
each firewall to allow access(or the policy prop to
allow control connections)?

What does the top of the SR file
$SRBaseDir\database\userc.C look like. I'm looking
for the section that starts with ':gws' and right below
it has the ':obj' section. This is where it should specify
the external IP of the fw(s).

Robert

- -
Robert P. MacDonald, Network Engineer
Team Lead, e-Business Infrastructure
G o r d o n   F o o d    S e r v i c e
Voice:email: rmacdonald@gfs.com

>>> Kristin Sutter <ksutter@corp.webb.net> 11/27/00 7:56:04 PM >>>
>
>I'm using checkpoint firewall-1 sp1.  I'm running secure remote on a laptop
>dialed into a random ISP.  The encrypting management console manages 2
>separate firewalls located at different sites (1 corp, 1 branch office).
>Both have client-encrypt rules set up for all internal networks that are
>first in the rule base and both have defined D-H keys.  Both firewalls are
>utilizing FWZ and see the management console as the CA.  When I try to
>access a website protected by the local firewall (mgmt console and firewall
>for corporate are located in 1 office with 2nd firewall in branch office), I
>obtain access fine.  However, when trying to access a website at the remote
>office I get rejected. 
>
>My secure remote client can access most services in the corp encryption
>domains, however, netbios resolution (nbname) is still being rejected. 
>
>In both situations, the service is being rejected by the last rule in rule
>base (reject any-any).
>
>thanks for you help,
>Kristin




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================