[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] user rule
Title: RE: [FW1] user rule I would suggest getting this person SeceRemote, it is a part of FW-1/VPN-1 and available free for download at checkpoint's site. You would need to setup user authentication object within the policy database and create a rule similar to the one below: The user objects you create would need to be setup with the right encryption (IKE, FWZ). We use IKE since it is the easiest to setup and a shared secret is all you need for the firewall and the client authentication. The SecuRemote is free for download, BUT you MUST get a license for it from your reseller or checkpoint. The license is free, but it is REQUIRED in order for SR. SecuRemote User objects (or a group) --> Allowed destination --> Allowed Services or Groups access to --> Client Encrypt This rule would is pretty plain, but it works. \You can restrict the SR users to certain networks or server objects if you want to further lock down their access. I am curious as to why they cnnot get a static IP though...oh well I hope this answers your question... Regards, Benjamin Sprouse
-----Original Message-----
Hi all I have a question that I didn't find an answer to already and I've
I want to setup a rule to allow an external user access inside my
How would I write the rule and what objects would I need to create?
cee ================================================================================
|