Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SecuRemote ports

To: "'Konstantin Matev'" <[email protected]>, "'MZ'" <[email protected]>, [email protected]
Subject: RE: [FW1] SecuRemote ports
From: Amin Tora <[email protected]>
Date: Thu, 11 Jan 2001 17:49:04 -0500
Sender: [email protected]


Keep in mind that newer builds of SecuRemote try to connect via port TCP:264
fw_topo first, then go down to port TCP:256 for backward compatibility...
;)



-----Original Message-----
From: Konstantin Matev [mailto:[email protected]]
Sent: Thursday, January 11, 2001 5:35 PM
To: 'MZ'; [email protected]
Subject: RE: [FW1] SecuRemote ports



Make sure that you have open 256(tcp) FW1 and 500(udp) IKE. That's all ports
you need for secure remote with IKE authentication. Enable a rule above the
Client Encrypt rule that says:

any  firewall 256;500(udp) accept log 

-Dex

>  -----Original Message-----
> From: 	MZ [mailto:[email protected]] 
> Sent:	Thursday, January 11, 2001 1:26 PM
> To:	[email protected]
> Subject:	[FW1] SecuRemote ports
> 
> 
> 
> Hi all
> 
> I am using SecuRemote build 4165 and FW1 4.1 SP2 and have the following
> problem.  After spending days pulling my hair out I realised after running
> a port scan and packet sniffer that the SecuRemote packets on port 264 &
> 265 were being blocked by the leased line provider. After having a go at
> them, they finally reconfigured their routers and I am now able to create
> and update sites.
> 
> I have also got them open UDP port 259 and I have tested this by telneting
> to that port. When SecuRemote is activated and I try and access resources
> behind the firewall, I am obviusely presented with the login dialogue box
> and I get the following error:
> 
> No answer from firewall at x.x.x.x and I am not authenticated. 
> 
> The packet sniffer does not see any packets from the SecuRemote client,
> which means that they never reach my firewall and are dropped somewhere. I
> have analysed the packets on working SecuRemote setup and the packets show
> up as IP service 94 and IP service 17. Could someone explain this for me
> as the ISP doesn't know what is going wrong.
> 
> Best regaards and thks in advance.
> 
> MZ


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] SecuRemote ports
Next by Date: RE: [FW1] Policy compile and load uses 617MB RAM
Previous by thread: RE: [FW1] SecuRemote ports
Next by thread: RE: [FW1] SecuRemote ports
Index(es):
- Date
- Thread