|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] FW1> VPN-1 Client won't connect
Au contraire, Must contradict--time short--patience too.... SecuRemote WILL work from behind a NAT'ed device. If you look at the research, Check Point developed the methodology, and THEN submitted it to Lucent, Nortel, and Cisco for review. Mark, I think Satish is on the right track with the recommendation to do a site to site. Unless encryption to the end client is a requirement. If so, then you will have to coordinate with the remote fwadmin to open some ports. If auth is working and then nothing else, chances are their device is not allowing ESP and AH packets to pass. IP types 50 and 51. You could alternatively try forcing the client to use Encapsulation mode which will allow them to use a udp transport instead. HTH, CryptoTech Satish Bhatt wrote: > Hey Dude > > If you have a FW-1 on the remote office itself then create a VPN between > the two firewalls and do not use Securemote on the LAN. > > Securemote on the LAN cannot connect due to the fact that securemote from > behind NAT is not compatible. > > Rgds > > At 05:08 PM 07/02/2001 -0600, Mark Maling wrote: > > >Hello, I've got a Firewall-1 setup to VPN with clients using SecuRemote v. > >4.1 SP-2 DES. Currently my clients can connect successfully if they dial in > >to their own ISP and then tunnel in to our VPN. What they cannot do is > >connect to our VPN across their LAN in our remote office. From the remote > >office they are going out on the internet through another Firewall-1 running > >the same versions of firewall and VPN software. They can authenticate to my > >firewall successfully, and I can see on my firewall that they have > >authenticated. However, after they authenticate to my firewall, they cannot > >browse my network or connect to any of my network resources. I'm wondering > >if there's a setting on their firewall that they need to change in order for > >the VPN clients to go OUT from their office successfully. The connection to > >the internet that they have is a DSL line, does anyone know if there is a > >problem using SecuRemote over a DSL connection? Any insights into this > >problem would be greatly appreciated. > > > >Another problem I have is with my firewall. I've never been able to edit the > >security policy using the policy editor. Every time I try to connect to the > >firewall using the GUI client it just says "Cannot Connect!". I have set the > >user name and IP address on the firewall for the machine that is running the > >GUI client, so I'm not sure what else to try... > > > >-Thanks for help, you guys/gals are awesome! > > > > > >================================================================================ > > To unsubscribe from this mailing list, please see the instructions at > > http://www.checkpoint.com/services/mailing.html > >================================================================================ > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
