NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Securemote issue



Isn't it easier to "train"  the users to ignore a message than to enter a
pile of IP information ?

The only issue we see from this is that if the user doesn't have admin
access on NT then they can't do an IPCONFIG /release, however a reboot seems
to resolve fairly well.

Tim

-----Original Message-----
From: Dan Guinn [mailto:[email protected]]
Sent: 30 November 2000 20:03
To: '[email protected]'
Subject: RE: [FW1] Securemote issue



Good point...DHCP could make life much easier, but it could also make the
machine complain that it can't get an IP when it's remote.

Dan Guinn
NetStar Communications

-----Original Message-----
From: Andrew Bagrin [mailto:[email protected]]
Sent: Thursday, November 30, 2000 1:39 PM
To: Kimberly Newton; [email protected]; [email protected];
[email protected]; [email protected]
Subject: Re: [FW1] Securemote issue



Why don't you put them on DHCP in the office?
Andrew Bagrin
Secure-1www.secure-1.com
----- Original Message -----
From: Kimberly Newton <[email protected]>
To: <[email protected]>; <[email protected]>;
<[email protected]>; <[email protected]>
Sent: Thursday, November 30, 2000 5:21 PM
Subject: Re: [FW1] Securemote issue


>
> I have a question regarding this, also. I went ahead and took the IP
address
> off and it worked wonderfully. Thank you very much, Dan. However, now what
> do we do when the people are back in the office and need to be on the
> network with an IP address? Is there a way to make this work without
having
> to have the user delete their IP address when on the road and then plug
the
> info back in when they get back to the office?
>
> >From: "Dan Snyder" <[email protected]>
> >To: "Robert MacDonald" <[email protected]>,
> ><[email protected]>, <[email protected]>
> >Subject: Re: [FW1] Securemote issue
> >Date: Wed, 29 Nov 2000 20:02:01 -0500
> >
> >
> >are these workstations that are used in the office as well as remote use?
> >if you are sure that the encryption domain has been verified correctly,
> >make
> >sure that the workstation doesn't have an address, of the network you are
> >trying to attach to, assigned to the nic. if so release it unless it is
> >win2000 workstation
> >----- Original Message -----
> >From: "Robert MacDonald" <[email protected]>
> >To: <[email protected]>; <[email protected]>
> >Sent: Monday, November 20, 2000 8:11 AM
> >Subject: Re: [FW1] Securemote issue
> >
> >
> > >
> > > Idan,
> > >
> > > Assuming(ack) that you have the excryption domain
> > > defined properly, it sounds like you don't have
> > > a rule to allow IKE or FWZ.
> > >
> > > Your firewall object should have either of these
> > > checked. What does the remote clients' user.C
> > > look like? Does it include the correct systems?
> > >
> > > By any chance, do you have a local NIC defined
> > > on the client? If so, that also may be your problem.
> > >
> > > What rule was associated with the decrypt log entry?
> > > Are you sure there wasn't any other log entries. Do
> > > you have a sniffer available to you?
> > >
> > > Robert
> > >
> > > - -
> > > Robert P. MacDonald, Network Engineer
> > > Team Lead, e-Business Infrastructure
> > > G o r d o n   F o o d    S e r v i c e
> > > Voice:email: [email protected]
> > >
> > > >>> Idan Dolev <[email protected]> 11/19/00 11:15:14 AM >>>
> > > >
> > > >Hi guys,
> > > >
> > > >Has anybody encountered a problem with securemote where you get
> > > >authenticated by the firewall but still no communication with the
> >internal
> > > >lan.
> > > >
> > > >I already checked the encryption domain, rewrote the rule,
> >anti-spoofing
> > > >checked, the user was checked, fwz and IKE had the same behavior.
> > > >
> > > >I could see in the event log a decrypt connection to my client be
still
> >no
> > > >data shown on my client.
> > > >
> > > >The firewall is 4.1 sp2 on NT,
> > > >
> > > >Any comments before I break down and cry......
> > > >
> > > >Idan
> > >
> > >
> > >
> > >
> > >
>
>===========================================================================
=
> >====
> > >      To unsubscribe from this mailing list, please see the
instructions
> >at
> > >                http://www.checkpoint.com/services/mailing.html
> > >
>
>===========================================================================
=
> >====
> > >
> >
> >
>
>===========================================================================
=====
> >      To unsubscribe from this mailing list, please see the instructions
at
> >                http://www.checkpoint.com/services/mailing.html
>
>===========================================================================
=====
>
>
____________________________________________________________________________
_________
> Get more from the Web.  FREE MSN Explorer download :
http://explorer.msn.com
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====
************************************************************************
The information in this email is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
Any views expressed in this message are those of the individual sender,
except where the sender specifically states them to be the views of
The Capital Markets Company.

http://www.capco.com
***********************************************************************



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.