| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Disabling Secure Remote Policies
To all,
Currently, I have a policy server set up to force all Secure Remote clients
to block all inbound and allow outbound encrypted and unencrypted. This
creates a simple, yet effective personal firewall. Now, when these users
come back into work, Secure Remote realized that they are within the
encryption domain and don't try to connect to the network via the VPN
gateway. Unfortunately, the security policies are still active and
blocking all inbound connections. This causes a problem where the client
cannot listen to ICMP MTU discovery packets. The question is, has anybody
else seen this? Also, is there a way to disable the policy when Secure
Remote is not running. It seems that in order to disable the policies, you
need to start Secure Remote, disable the policy and then exit Secure
Remote.
A second question is how Secure Remote reacts when there are multiple entry
points with non-overlapping domains behind the gateways. When the client
is out on the Internet, I assume that he connects to the gateway servicing
that domain. But, when within the company and within a domain, does Secure
Remote try to connect to a gateway to reach another domain, or does he just
assume that they are connected via the LAN or WAN? This of course is
assuming that all the domains are inter-connected via the company WAN.
Thanks,
John
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
