[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Disabling Secure Remote Policies
To all, Currently, I have a policy server set up to force all Secure Remote clients to block all inbound and allow outbound encrypted and unencrypted. This creates a simple, yet effective personal firewall. Now, when these users come back into work, Secure Remote realized that they are within the encryption domain and don't try to connect to the network via the VPN gateway. Unfortunately, the security policies are still active and blocking all inbound connections. This causes a problem where the client cannot listen to ICMP MTU discovery packets. The question is, has anybody else seen this? Also, is there a way to disable the policy when Secure Remote is not running. It seems that in order to disable the policies, you need to start Secure Remote, disable the policy and then exit Secure Remote. A second question is how Secure Remote reacts when there are multiple entry points with non-overlapping domains behind the gateways. When the client is out on the Internet, I assume that he connects to the gateway servicing that domain. But, when within the company and within a domain, does Secure Remote try to connect to a gateway to reach another domain, or does he just assume that they are connected via the LAN or WAN? This of course is assuming that all the domains are inter-connected via the company WAN. Thanks, John ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|