[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] SecureRemote and WINS
Thank
you once again for your input. A friend pointed me to CP doc that had a
sample dnsinfo.C with both split DNS and LMdata entries that I modified for our
network and it works like a champ. I don't have the link to the doc
nor my dnsinfo.C at my disposal at the moment, but I will post it if anyone
is interested. Just email me directly. It adds entries to the
lmhosts file, which I don't really care for. I would prefer that it
updated the WINS entry of the IP stack. I can't browse the network which
some of my users would want. I guess I have to settle for that until I can
come up with another solution and if anyone has one, I am all ears
(eyes?). Also, pushing a policy to the 4.1 FW1 and doing and update on my
SecureRemote client is all I have had to do whenever I modified the
dnsinfo.C. Try it. I swear it works on my FW. Lastly, my
friend had a good idea for distributing the customized userc.C. Simply
modify the one in the client distribution before rolling it out. The
install distribution is not compressed. Sweet and simple. Why didn't
I think of that? (no comments, Ed)
By the way.
Someone mentioned that one security flaw in the CheckPoint VPN architecture is
the fact that since you don't get an IP address on the inside of your network
like you do with other VPN systems you must configure all services inside your
network to allow connections from pretty much anywhere. Not a big deal
unless your firewall is comprimised, then it is a very big deal. I have
seen many posts asking how to resolve this or work around it and it seems that
the best solution would be to get an internal IP address and route internal
traffic through it just like other systems. Is this possible with CP VPN
and SR? PPTP through a SR tunnel is a pretty cumbersome
solution.
Scott
-----Original Message-----
From: CryptoTech [mailto:[email protected]] Sent: Friday, December 08, 2000 5:57 PM To: Scott Hunter Cc: '[email protected]' Subject: Re: [FW1] SecureRemote and WINS Scott,
|