NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Forcing UDP encapsulation on SecuRemote Clients



Hello all,

Let me preface this note by saying that I'm no expert on FW1.  Last October
we upgraded from 4.0 to 4.1, and kept our VPN encryption scheme at FWZ
following the recommendation of the firm providing us with firewall support.
Since that time we have been steadily rolling out vpn connections to users.

As more and more users are aware of the ability to connect via vpn we are
running into a large number of users who connect through a NAT box of some
sort (linksys,netgear etc).  To enable this ability I followed the
instructions on the Phoneboy FAQ "SecuRemote Client and NAT".

One recommendation is to add ":force_udp_encapsulation (true)" to the
userc.c on the remote pc.  This is where my questions rest:

	1) can a change be made to the firewall to force this setting to
come across on a site update?
	2) is there any harm in setting this flag on a user who has a direct
cable/dsl connection with personal firewall?

Any advice that you can provide me with would be greatly appreciated.


Malcolm McDuff
OSHR


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.