[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] VPN Configuration
Aha, so that's the way it is done. Where can I find this "Cleartext" topology setting? Is it a rule that needs to be defined? Thomas -----Original Message----- From: Michael Liberte [mailto:[email protected]] Sent: Wednesday, January 10, 2001 12:35 PM To: Thomas Nilsen; 'Rick McMaster'; [email protected] Subject: RE: [FW1] VPN Configuration Just a thought... Not anyone with access to a SecuRemote client should be able to get the topology. Cleartext topology requests should be disabled, so only a valid user would be able to get a topology, after authenticating himself to the Firewall. Michael. -----Original Message----- From: Thomas Nilsen [mailto:[email protected]] Sent: Wednesday, January 10, 2001 1:23 PM To: 'Rick McMaster'; [email protected] Subject: RE: [FW1] VPN Configuration Would there be a problem if only some hosts on the inside is included in the encryption domain. We don't want to include all of the networks as it will be exported for SecuRemote clients, and therfor IP info will be available to anyone with access to a securemote client. Regards, Thomas -----Original Message----- From: Rick McMaster [mailto:[email protected]] Sent: Tuesday, January 09, 2001 2:48 PM To: Thomas Nilsen; [email protected] Subject: RE: [FW1] VPN Configuration The encryption domain for a firewall is all of the networks that the firewall should be providing encryption services for. This will include all networks protected by the firewall as well as the firewall itself. Rick McMaster ePlus Technology http://www.eplus.com -----Original Message----- From: Thomas Nilsen [mailto:[email protected]] Sent: Tuesday, January 09, 2001 4:24 AM To: [email protected] Subject: [FW1] VPN Configuration Does anyone know of any good and detailed documentation on the VPN configuration of FW-1. The VPN guide that comes with FW-1 is a bit limited on the "Encryption Domain" part. What is supposed to go into the Encryption Domain, is it only the internal network, shall the FW server object be included? Regards, Thomas Nilsen Kverneland IT AS Global Services Tel: +44 1380 722361 Ext 201 - Mob: +44 (0)============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|