[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Securemote issue
Isn't it easier to "train" the users to ignore a message than to enter a pile of IP information ? The only issue we see from this is that if the user doesn't have admin access on NT then they can't do an IPCONFIG /release, however a reboot seems to resolve fairly well. Tim -----Original Message----- From: Dan Guinn [mailto:[email protected]] Sent: 30 November 2000 20:03 To: '[email protected]' Subject: RE: [FW1] Securemote issue Good point...DHCP could make life much easier, but it could also make the machine complain that it can't get an IP when it's remote. Dan Guinn NetStar Communications -----Original Message----- From: Andrew Bagrin [mailto:[email protected]] Sent: Thursday, November 30, 2000 1:39 PM To: Kimberly Newton; [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: [FW1] Securemote issue Why don't you put them on DHCP in the office? Andrew Bagrin Secure-1www.secure-1.com ----- Original Message ----- From: Kimberly Newton <[email protected]> To: <[email protected]>; <[email protected]>; <[email protected]>; <[email protected]> Sent: Thursday, November 30, 2000 5:21 PM Subject: Re: [FW1] Securemote issue > > I have a question regarding this, also. I went ahead and took the IP address > off and it worked wonderfully. Thank you very much, Dan. However, now what > do we do when the people are back in the office and need to be on the > network with an IP address? Is there a way to make this work without having > to have the user delete their IP address when on the road and then plug the > info back in when they get back to the office? > > >From: "Dan Snyder" <[email protected]> > >To: "Robert MacDonald" <[email protected]>, > ><[email protected]>, <[email protected]> > >Subject: Re: [FW1] Securemote issue > >Date: Wed, 29 Nov 2000 20:02:01 -0500 > > > > > >are these workstations that are used in the office as well as remote use? > >if you are sure that the encryption domain has been verified correctly, > >make > >sure that the workstation doesn't have an address, of the network you are > >trying to attach to, assigned to the nic. if so release it unless it is > >win2000 workstation > >----- Original Message ----- > >From: "Robert MacDonald" <[email protected]> > >To: <[email protected]>; <[email protected]> > >Sent: Monday, November 20, 2000 8:11 AM > >Subject: Re: [FW1] Securemote issue > > > > > > > > > > Idan, > > > > > > Assuming(ack) that you have the excryption domain > > > defined properly, it sounds like you don't have > > > a rule to allow IKE or FWZ. > > > > > > Your firewall object should have either of these > > > checked. What does the remote clients' user.C > > > look like? Does it include the correct systems? > > > > > > By any chance, do you have a local NIC defined > > > on the client? If so, that also may be your problem. > > > > > > What rule was associated with the decrypt log entry? > > > Are you sure there wasn't any other log entries. Do > > > you have a sniffer available to you? > > > > > > Robert > > > > > > - - > > > Robert P. MacDonald, Network Engineer > > > Team Lead, e-Business Infrastructure > > > G o r d o n F o o d S e r v i c e > > > Voice:email: [email protected] > > > > > > >>> Idan Dolev <[email protected]> 11/19/00 11:15:14 AM >>> > > > > > > > >Hi guys, > > > > > > > >Has anybody encountered a problem with securemote where you get > > > >authenticated by the firewall but still no communication with the > >internal > > > >lan. > > > > > > > >I already checked the encryption domain, rewrote the rule, > >anti-spoofing > > > >checked, the user was checked, fwz and IKE had the same behavior. > > > > > > > >I could see in the event log a decrypt connection to my client be still > >no > > > >data shown on my client. > > > > > > > >The firewall is 4.1 sp2 on NT, > > > > > > > >Any comments before I break down and cry...... > > > > > > > >Idan > > > > > > > > > > > > > > > > >=========================================================================== = > >==== > > > To unsubscribe from this mailing list, please see the instructions > >at > > > http://www.checkpoint.com/services/mailing.html > > > > >=========================================================================== = > >==== > > > > > > > > >=========================================================================== ===== > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > >=========================================================================== ===== > > ____________________________________________________________________________ _________ > Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ************************************************************************ The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of The Capital Markets Company. http://www.capco.com *********************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|