[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Secure Remote questions
I need some clarification on how Secure Remote works and I can't seem to find the information at Checkpoint or Phoneboy's website. I need to know if the following scenario will work with Secure Remote: Secure Remote user creates a VPN to our F/W to access our Internal resources. The Secure Remote user is running NT4.0 workstation and has a printer attached to it via a serial cable. The printer is shared on the NT domain. The Secure Remote user opens a connection to a SAP server, does whatever they need to do, and then requests that the SAP server print the job to the Secure Remote user's local printer (NT domain shared). The SAP server sends the print job to the NT LAN print server, which queues it up and sends it to the Secure Remote user workstation. The Secure Remote user has a static address from their ISP (x.x.x.x) and we created an object in the F/W, which we NAT to a different address (172.21.x.y). We told the NT LAN print server to point to the 172.21.x.y address to send the print jobs for the Secure Remote user's local printer. The theory being that the F/W would get the request and send it out the VPN back to the Secure Remote user. We have been told by a couple of different support techs (Verisign and Gobosh) that this will not work because the Secure Remote user can establish a TCP connection INTO the encryption domain, but a workstation can not establish a TCP connection to the Secure Remote user. This seems to make sense, since the Secure Remote user can ping the NT LAN printer successfully, but the NT LAN printer can not initiate a ping to the Secure Remote user. Herein lies the problem: This worked successfully for the last 7-8 months. One day, I added another network to the Encryption domain on the F/W and then all of a sudden it stopped working. I changed the Encryption domain back and it still doesn't work. Everyone that I have talked to (including this list) has told me that the change I made on the F/W would not have affected the Secure Remote users. Does anyone have a resource they can suggest that will give in-depth details about what Secure Remote can do and how it works? Everything that I can find on the product seems to have been designed for a sales presentation. Any help is appreciative. -Ed ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|