[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Forcing UDP encapsulation on SecuRemote Clients
Hello all, Let me preface this note by saying that I'm no expert on FW1. Last October we upgraded from 4.0 to 4.1, and kept our VPN encryption scheme at FWZ following the recommendation of the firm providing us with firewall support. Since that time we have been steadily rolling out vpn connections to users. As more and more users are aware of the ability to connect via vpn we are running into a large number of users who connect through a NAT box of some sort (linksys,netgear etc). To enable this ability I followed the instructions on the Phoneboy FAQ "SecuRemote Client and NAT". One recommendation is to add ":force_udp_encapsulation (true)" to the userc.c on the remote pc. This is where my questions rest: 1) can a change be made to the firewall to force this setting to come across on a site update? 2) is there any harm in setting this flag on a user who has a direct cable/dsl connection with personal firewall? Any advice that you can provide me with would be greatly appreciated. Malcolm McDuff OSHR ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|