
[FW1] SecuRemote On NT4.0 with STATIC NAT to Client



Hi,

I am new to SecuRemote!

I have installed a PC with a legal IP address and this is connected directly
to the internet.

SecuRemote works a treat; when I go to a web server inside our network I
get prompted to authenticate.

I authenticate and I get to the web server.

All works well!!!


However

We have several PCs on a site where we are renting space.

Each PC has internet access and each PC has Static NAT (dedicated legal IP
allocated via NAT at Firewall)

I have asked the administrator of the remote firewall to allow the following
ports

     TCP port 256 between client and Management Console. This is only needed
          to fetch and update the site information and will always originate
          from the SecuRemote client.
     UDP port 259 to negotiate encryption and authentication information.
     UDP port 500 to negotiate encryption keys when ISAKMP is used.
     IP Protocol 94 bi-directionally when FWZ encapsulation is used.
     IP Protocol 50 bi-directionally when ISAKMP is used.


Problem is as follows

At the client I can create the site in SecuRemote and it connects fine

I have even authenticated fine!

However after the authentication no other traffic appears in the firewall
log.

What am I doing wrong?

To recap, a PC with a legal address connects to services via SecuRemote fine

A PC with Static NAT authenticates but no other traffic flows, or seems to;
traffic is passing through a Checkpoint Firewall-1 system. I have not been
able to talk with the administrator of this system. I will try and ascertain
if any traffic is being blocked.

However, am I missing something obvious?
Do I need to modify objects.c?

Regards
Jase


