[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] SecuRemote behind NAT device
Hi
Upgrade to FW-1 SP2 or SP3 and follow the attached document and it can be
done. It worked for me!!
Rgds
At 12:42 PM 6/7/01 +0200, Laurence Mayer wrote:
Hi
Does anyone have step by step documentation for getting :
SecuRemote Clients (4174) on the internet, working behind a NAT Device to
connect to FW-1(4.1 SP1) and then to Local Network.
SR (NAT Device - Internet) ------> Fw1------> LAN
Is this doable?
I have looked on Phoneboy but cannot find anything definitive.
Thanks
Laurence
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
From: <Saved by Microsoft Internet Explorer 5>
Subject: FireWall-1 FAQ: SecuRemote Client and NAT
Date: Sun, 28 Jan 2001 20:06:26 +0530
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0000_01C08965.CBA7AE00";
type="text/html"
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
This is a multi-part message in MIME format.
------=_NextPart_000_0000_01C08965.CBA7AE00
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Location: http://www.phoneboy.com/fw1/faq/0141.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>FireWall-1 FAQ: SecuRemote Client and NAT</TITLE>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2014.210" name=3DGENERATOR>
<META content=3D"Dameon D. Welch ([email protected])" =
name=3DAuthor><!-- This page was created by the Gecko output system. =
--><!-- This page was created by the Gecko output system. --><!-- This =
page was created by the Gecko output system. --><!-- This page was =
created by the Gecko output system. --></HEAD>
<BODY aLink=3D#ff00ff bgColor=3D#000000 link=3D#00cc00 text=3D#ffffff =
vLink=3D#00ff99>
<CENTER><A=20
href=3D"http://www.phoneboy.com/redir.cgi?http://www.verisign.com/cgi-bin=
/go.cgi?a=3Db00"=20
target=3D_foo><IMG alt=3D"Get the best VPN Training from Verisign" =
border=3D0=20
src=3D"http://www.phoneboy.com/gif/display.cgi?vpn_maze_trn.gif"; =
NOSAVE></A> <A=20
href=3D"http://www.phoneboy.com/fw1/faq/spiderweb.bhtml";></A><A=20
href=3D"http://www.phoneboy.com/fw1/faq/fly.bhtml";></A></CENTER>
<H1>SecuRemote Client and NAT</H1>
<H2>Q:</H2>I'm trying to set up SecuRemote client behind a Cisco router =
doing=20
NAT and can't get it to work. I've looked through all the FAQs and a lot =
of the=20
messages to the FireWall-1 Mailing List but am still unsure whether this =
is=20
supported or not, as there has been a lot of discussion about SecuRemote =
not=20
working properly with NAT.=20
<H2>A:</H2>If your SecuRemote client is behind a device that does any =
form of=20
Address Translation (including another FireWall-1 firewall) and you are =
using a=20
version of FireWall-1 prior to 4.0, this can not be made to work. =
FireWall-1 4.0=20
and later will support client that are being NATted with the following=20
restrictions:=20
<UL>
<LI>The SecuRemote Client must be 4.0 or later (build 4003 or higher). =
<LI>You can not use Encapsulation with the FWZ key management scheme =
(you can=20
use ISKAMP or unencapsulated FWZ however).=20
<LI>If the client is subject to STATIC NAT (i.e. one to one =
translation), it=20
will work provided you follow the steps listed below.=20
<LI>If the client is subject to POOL NAT (i.e. a many to many =
translation done=20
by Cisco PIX firewalls and other similiar devices), it will work fine =
so long=20
as each client is given a unique IP addres and you follow the steps =
listed=20
below.=20
<LI>If the client is subject to HIDE NAT (i.e. a many to one=20
translation), only one user at a time can use SecuRemote unless you =
use UDP=20
Encapsulation Mode (more on this below). This should work fine for =
users that=20
use a device that performs NAT for their home-office network (e.g. =
users with=20
cable modems or those with Unix or Windows machines performing NAT).=20
</LI></UL>HIDE NAT will only work provided your NAT gateway does the =
following:=20
<P>For Unencapsulated FWZ </P>
<UL>
<LI>Insure that UDP port 259 on your NAT gateway is mapped to the =
SecuRemote=20
client. FireWall-1 tries to communicate via this port.=20
<LI>Insure your gateway will pass packets that have an invalid =
checksum unless=20
you disable MD5 checksums. </LI></UL>For ISAKMP=20
<UL>
<LI>Insure that UDP port 500 on your NAT gateway is mapped to the =
SecuRemote=20
client. FireWall-1 tries to communicate via this port.=20
<LI>Make sure your NAT gateway can pass IPSEC traffic (IP Protocol =
50). If UDP=20
Encapsulation Mode is used, make sure it can also pass UDP Port 2746.=20
</LI></UL>If your HIDE NAT gateway is a Linux machine, see the following =
FAQ: <A=20
href=3D"http://www.phoneboy.com/fw1/faq/0372.html";>Using SecuRemote thru =
Linux=20
MASQ to FireWall-1</A>=20
<P>If your HIDE NAT is being done by a Linksys DSL router, make sure you =
are=20
using at least version 1.34 of the firmware. </P>
<P>You will also need to modify objects.C on the management console. =
Edit=20
$FWDIR/conf/objects.C. For guidelines on editing objects.C, see <A=20
href=3D"http://www.phoneboy.com/fw1/faq/0409.html";>How do I Edit=20
Objects.C?</A>After the :props ( line, add or modify the following lines =
so they=20
read: =
<PRE> &n=
bsp; :userc_NAT (true)
<BR> &nb=
sp; :userc_IKE_NAT (true)</PRE>FireWall-1=20
4.1 SP2 and Secure Client 4.1 SP2 and later have a "UDP Encapsulation" =
feature=20
that uses UDP to encapsulate the encrypted data when IKE is used. =
This=20
more should be far more compatible with NAT devices as all communication =
will=20
occur over UDP instaed of using IP Datagrams. Both FireWall-1 4.1 SP2 =
and =20
Secure Client 4.1 SP2 are available. Look for the section in your=20
$FWDIR/conf/objects.C that has your firewall or gateway cluster object =
and add=20
this to the object definition: <PRE =
wrap=3D""> &nb=
sp; &nbs=
p;:isakmp.udpencapsulation (
<BR> &nb=
sp; &nbs=
p; :resource (
<BR> &nb=
sp; &nbs=
p;  =
; :type (refobj)
<BR> &nb=
sp; &nbs=
p;  =
; :refname
<BR> &nb=
sp; &nbs=
p;  =
; =
("#_VPN1_IPSEC_encapsulation")
<BR> &nb=
sp; &nbs=
p; )
<BR> &nb=
sp; &nbs=
p; :active (true)
<BR> &nb=
sp; =
)</PRE>You=20
will also need to create a service object called =
VPN1_IPSEC_encapsulation if it=20
does not already exist. It is a service of type UDP, port 2746.=20
<P></P>
<P>By default, FireWall-1 4.1 SP2 and later that has had these changes =
made will=20
invoke this mode if the UDP port 500 packet coming from the SecuRemote =
client=20
has a source port that is not port 500. This mode can be forced on the =
client by=20
going into userc.C on the Secure Client and adding the following under =
the=20
options section: </P>
<BLOCKQUOTE><TT>:force_udp_encapsulation (true)</TT></BLOCKQUOTE>It can =
also be=20
disabled entirely on the firewall by changing :active to "false" =
instead=20
of true in the above objects.C modification.<BR><BR>UDP Encapsulation is =
known=20
to have an issue with Gateway Clusters. To resolve this issue, upgrade =
to=20
FireWall-1 4.1 SP3 or later and add the following two lines to the =
:props (=20
section of objects.C:=20
<BLOCKQUOTE><PRE>:IPsec_main_if_nat (true)<BR>:IPsec_cluster_nat =
(true)</PRE></BLOCKQUOTE>This=20
will tell FireWall-1 to always send the packets out with the Gateway =
Cluster IP=20
address, which it does not do by default.=20
<P></P>
<H5>
<HR width=3D"100%">
Last Modified: Friday, 12-Jan-2001 17:08:02 PST<BR><A=20
href=3D"http://www.phoneboy.com/fw1/copyright.html";>(C)2001 Dameon D. =
Welch, All=20
Rights Reserved</A> . [ <A=20
href=3D"http://www.phoneboy.com/fw1/homepage.html";>Go Back</A>]<BR>Your=20
corrections, suggestions, and submissions are welcome. Email to <A=20
href=3D"mailto:[email protected]";>[email protected]</A>.</H5></BODY></HTML>=
------=_NextPart_000_0000_01C08965.CBA7AE00
Content-Type: image/gif
Content-Transfer-Encoding: base64
Content-Location: http://www.phoneboy.com/gif/display.cgi?vpn_maze_trn.gif
R0lGODlh1AE8ANX/AP//////APL3/fL3C+/v9+fnvefezuLt+eLtF97epdbWlNa9tdaMpdLj9tLj
JMbGe8La88LaMb29a7VCWrLQ8LLQPq2tWqHF7aHFTJycnJycSpycMZwAMZG86pG8WYSEOYGy54Gy
Znt7EHNzc3NzUnGo5HGoc2trCGNjAGGe4WGegFCU3VCUjUJCAECK2kCKmjExMTCA1zCApykpACB3
1CB3tBBt0RBtwQBjzgAAAAAAAAAAAAAAAAAAAAAAAAAAACH/C0FET0JFOklSMS4wAt7tACH/C05F
VFNDQVBFMi4wAwEAAAAh+QQEMgAAACwAAAAA1AE8AAAG/8CccEgsGo/IpHLJbDqf0Kh0Sq1ar9is
dsvteomilniMGptbmk9rNluby6g46vSRFO4Kjegk6n9EG3+AfXt1CQ9rbIqLLR8PChYfJ5OUfTiX
mJmam5ydnp+goaKjpKWmp6ipqqusraoAAK6ym0JicHAtZWIiFgoPaopnublxJxsPBQ8alHyEf4F+
exsJBRqL19govcp7k4Cz4OHi4+Tl5ufo6eBCt8TDKBqPEh9xiWxktrmOh8vMhH0bCAXscwLFBwsJ
LKDAxvBePAXzRPxRR7GixYsYM8qChYmjxlG15NSbo0EBJBFyTthrg88gMmXMvP0TBI2QSjEnkFlY
yagNy/82jnwF+ki0qNGjSFd5xLE0qSZ2Ig1K8LWsGKVEbsjs+xWz0r9oXwuayZmQp5ufWLUlUOC0
rdu3cM8tbRoXB1SSUyOl9LdyzL553ppVavY1rK4zIh4k0GA26xifaOpKnky5sqa5sTpmdiuEzzYN
I70SWrgoKGDCe1KLBqTYQjext+rZUvyAdDDHZmZY3s27d126SYXkpWfL31fbQSOt/senOR0J/BIs
LoirOq4TGg4BEybMt/fv4GfBaopZshDQZKyiHj0j58k568M256VgMRttydTYiioSJ8JfuHUX3oAE
FvjJeJsxtRlwbdWSnlWFSRRPQijJFCFzIpRU1jVkSTD/En/95VJSHtyNYeCJKIKH4IosVubgO/AV
9sGIrsU4kzM2AVJfbQ3NsE+N6lE3h2zwPMIYdykmqSRlLDbJ4FsOxmahRL2cNKWMXx1ziEqQMdRI
fa51NUlUY0yInhlLpqmmU0426WIOD4q2gQIFSJDahYIwZwiAPnnZJxom9dPVSGd8YJIFN7Ww5qKM
UtQmAAxwwMCKu4VEjI19wCOdHhEK8oenFhRA4hl9YmNPCwgpsMGgQh4mxj5HNirrrOK0OQIJE0yK
YKVwwugVcSLUF9GF//SSkKtY+dnlDGo9sGpMcrhjRkl20mrtta84mQMMblpm6V5f2QKdszhKRIiG
dpbI/9M97Cbro2KnjdmOMHWwhe29+HqirRAZTCBpt5NFCe4/72S3WJ7n0glgiewq++c9P7425DuP
sXFCvhhnrCCCBiwwxAKR6kopZd8WU1i0KCSWwLCsaaduxWbd4+6pNKLUH7KJaKwzrbbmwMEEj/Ka
D4SExdbCCdCpakgeKt3MXY/JnpUbqoG2KoxPO2fNKIsZwGDACDncCkMGTgotpUx8REXdiGu5th8+
pD4cTLsPO9asJBSTqvXe4S3BItgZkJDDAmCPsO8XiEd56aAguuT2zbI9zawFjPV0qtSItRb5Y2vw
7TmvTGjL7bYLGHB44l+EEZtVIjFeT6vVxd3GQ5WbGv91iVMxhsvUn/delxGPrjgCDDCQQDwMhgev
/PLMN9+mcGpYhzJ8roM4DHdIHxJG1KVKzRJOU0V/vd6+l+8UEc4DMDy/gi+Q/vvwxw+LcPMMLYyY
lDQuLecGo1eGn5gbyyMWko+rKcp8CCQK+pzXsSO4T34QjODzclAHCWygRCnzh2CoAzuctUBldrrF
Nc7SJal94BBvyNtjEshCjCzQeWAjHBG8JsEa2hAAQvCRBJx1P0AYhzD5m94bspMHOFBnXXWb1qjg
VqIWOlEdQ4gf2Ig3BG7d8IoQzKEOlUEGiWzgWd0wjLyi5Rfa2KxVUGuYGMLHnd3l5olwLEcU4UdF
IiT/D4t4fJ8WZyCCHerOixYI05UkRij/HGp10eoRWtyzvTO4kXNxjGQ4hAA/AnjMCHdkHgxyQIIV
EcBfHPgZAwjAANMBwF9Ay2OT9rhF13xgA4FUznyYM0ZdGGRHqtsLdRQZDEPV5mXqkqQwWzHH9F1S
CDJ8oPOKCQADhFJXCwDlA0PJAVWuMgfXSMwDLBhLCy6nGyj7YJX8px742GaEkCnJkZg4vqsN852o
YGbzujZD5JnSeZu0IgAIEEpl7tNfD0SlNVnESjZo8wGB9GNMmHOzCT1ge62DFi+pph8VAlMM8Mwo
KSj5PgIcQZ/v82ekqrmiBXBAmf6UYMcMwNJrMuSg/xLw42tEE60+BupB1AuiIlHwgIe2pIDA1I1G
h+oJee7znk4SXBEygFQIjpQALJpASm9oABIEDqTjKagi6tDTniokpzaRA40OczaJNsQRv7SfBw14
QKK6NRMcXZEQaNgkAzjwhiNNJcegqsoRLGCTLm3IQRemyz18cCoLG5oudcoQQ63zp7qYBOdM+NbK
XiKuCCIC2Vi0ySLAggBXHcFmYWGADBgOtMV7YGnvONKfNXU8BmCAyPYp21y5j5SyJW1uSTkB2zaT
AC0lqFYVkZOeXjA9lXiIh4QRUWidcwZwKklFKeZGgsAMKA+w7FuNCoDOCqGTCDrmXA2XgW1lQIZe
M/+Ad9Vbx/IWk5/UFCWCWktSSD0zmj/rbShB6VpRgnK2gTXVfXb4UJkVo14K2A5kc8pYRfDUpxgc
3xczVbF4ZFe7RMUsggjgXU4iqMPbAkB5YcBX9W0Lqp0dWzND3F3MOjO+P/MnKGFh0pOOR6AMmAAB
Ppnfe4KyxAEWMLMI/IHvFQkS6lqdcwmIXR4xt51x0MAX/5AoC1sAwxnOQZvsakcaY5LLowXAJcl2
SazCAmxa3jB/qanXkcJCoOOpsUifGV46TxC6DRHDkHta5MP6Qj/fc2RE+WOLkuwkyXnjhZQHUhAr
txXL8NRwSZfa4hkSQKnHO54QDHfJTI4HzU0iJYz/deXmU/6MY3aGxVPr/K8755ld2uCzlUmjZ0fC
KCVqq9djL7oLCVBuyrzw6kIgrVFJC2+pRiDbxxbA7GaXTsz8ahKonSRqapqu1HAmbartW18ab1u4
bMCml7Jiga7WDy0RbhwcjvGARLWxRBrwdSC/yO6dsIHYGTX2ikBcBCtyN87IlLa+YUvNSZW61KoO
JVIR7u1W70uRWFlDrLkImVqnkLqxQ0HueM2deMdSyvqwB74jneZHidcIpvy3lwcn8JJ3e750LjWP
dcVjvSb85TUGsFyxKW4AQqbcFI/4k9tRSFQ94tAcH4MF5D1v7o38nQP/MBLAi0MhvBbgLP9bXG3M
/6Kcc3s8Nc+xpID8dVbrPLM97zk6z2DhytU60BfHGXYh8r+gJqKPMQ1kkRsm1KdLMupYR/l4lEr1
rgdc6y63+XhG6j6E91a2zHYSw8X87Z3jGeIVNzpCb4dohiXmzwF6OyM2IG87ze3efv97yYPHb5By
OeukzYHpLjlVE8seFpWH86qdefYVTd7rrr68gLPCEkejm+PL0gZVvEdCRsxo6Qrhe99TD0fAj8e9
ml3R60fA0sI1E9NNVe+mofqzn/EVvzpu5n8tyebe+ha26/8sKCdw9fnxXBFqtxxajG/xoMLdDWO1
LF5iDLHkLqhHfdW3eqw3Q6G2PnPlPuyVaaPVNf+Zxi0Gt2ZSRVru537wBWP7BVU5toGpJIL093C8
NDfCYGGIUEIM42AB9C6+wCXSFwx8AEu1sxIIGEfW92nZN1Dxw1vuF1+KFz9adH+YR3xo0FVM1n8V
cw/I8hMnsA3b0SMpM2UzmIMJ2DwcNldk54PMEynpF2fUVENDcA35h4KBNjtK2C7NxwjuxjltUG5I
BjUp80oicIVY6EQ7uGH154XBA19dWGNkKG5nmEa4wW7tpkal4oSN9DSN0FMeQoU1+FyKkId6qIB+
qEomNYSUx4l6lAN3GG6iWIiZBxloVWCLOEIpE3qLRGTj5gdteICWiEB7mIkQBIgsEjKDuConOHz/
nMNVvwBxRzNd6hKHPcUY+TcHf4BE0zeL5VOLtig/YAhkYGhDQvBKKECIE1VCprhN80CHffAyJRRv
vnZOONEHDIFNzphA0BiN8YN++pUrNyQEgbAB2bgI2ghAU+MIMZVnuRCOyMdHrigzadMj60iLmOiO
ChlB7EBviUCKQkZ8AhmMtsMHCsYwJKQNMeV2RxMGBnmQz5iQCzmSn8hHr3RBadeLSDhkO7R3jDAH
AMlr+xdTkXg0MmiGzQiSfNOOJNmTaAcUU8YTRrh23FhBynAb/7iMmcdWzkeT9DAHQlmJOtk7POmT
PqlFLUBvdwiRPmcPeEdxLFGDdxh64ngf5SYBIFWhSFNJlSJplW55TagTl3I5l3RZl3Z5l3iZl3pJ
l0EAACH5BATIAAAALGsACgDlACQAAAb/wJhr6MIZj8ikcgkBLJ/QqHSa7ECo2GwScNV6oc2vCwDK
NgFoQer7DGNppRh7nnSzbamVN9ZBcumAdlErJUdjZVhNLiUXaIBIglIgAEWPlmyHXoJ/l5pOU5w4
mYmfOIpHcCB6SCsgIHKsqjRhQjZHQkg2Lo0lLrZGrXFPuC4gKb9GMSWqRrqwOLo0OLhHrSvOqMvH
RosAFy7SwCAl4Ug0Lg2UvjhcNCmvR7o2MfDQ7+Tx4LeV4tcxsE10MVMiBECDIaLIKMMXi6GddOFS
oEHT4AiFiWSOnAEg4ICTSWugGUQyBmORGB4n9lHSpBHFXyUwVqQB4MARiWvc2EhHkVPJ/5fsMJbZ
iXHVkUkm2R0QMBHRmDNlYjCdGHKUqU9EKTbo0oTnyDoYnYzxCmBVVjQ5yYBId8EITTUxmoTsQG4F
UyMSD+RJiYMmBWAACuXjtS4dBBcpPIaExBEEjYuCU3T4JxfHRVgXbbmZdAAx0y4xLqyIG1hUzG/S
LlJQ9hUVOnW20ByW+qnkYRo2mF6gx1Sa1c01EXvk2phGOqPJxiIsecEdpw4AKLjreFXl0dLToud6
XaTJqhiOcKSz1QjZ9UrgbeINpRFA1YwkJ5WR2MevETceYUnscivm34SIsCPAEek8054fAvzSSBFj
HeHfEdD18dsn+a1H3CorwLcFf08d4f+REUwpSIkidgEQjksYdbFWUgEdcRcOMa0hwH9JTFKJRG01
wxFLJuro1EYZ2VATjO7d98mQbnFC2kRdjPJTUmD5wZ+NAF63WIcTGrFjksQZoqGUXgboRlhouABc
jhES4YIcMTWQwi6UXFXOi35luBgSVOKAIypbMuZHGW+B0A0ijcTQwIBGaolodl0IIICgHVbZV3Bq
mpfoEaFQadUkguGQ4RVWhdcneF1y8yWmHGo4pgBqgqOTo7bExJ9FcYoXZyMhZVgKBQKUt8Qkq7x1
k3ZRYlpGhivFhEiGF+V4lREerQIdqMTuZ+pKODBlIBM9ajllnFZJRCN0hYyxUknQlmX/xLSXSrqF
eu7ip66fRjQyFFMUrJDCYXpyASe4HL0z1bDEKiErQhfp5RI/Bxo76QGtMBXgVEYB580ZV+SmRgnD
JVPTCnpAd4CgHdCIBHSiSZMpwAHaCsG+HNkipAARhxfTxbK1axUS6ZSwRpY4TPJoMX/Z8ZYttE0k
x1kLGoGUQenEgwZyuUw11EVp3Nmwlog8be8RjcD77LppyGpECVMZ1t4fNmCNhsm3TFXEygx+edYB
z0ikVSnQcWT22O4iobdYqvKNEdxPEGHeOUucUw7Piy6hyzpuIXSHPnTQNCvmSQxRzjlrQjH5HEIw
XPm2SWj+xTmoNz5E650skaGzsdfu/1YKJ2Jn++5SuJN7p7wHH4ULHgnwuPCP3LyUQZYiL7zeyzfQ
vPPOPzYZ9Ze4cwEEF2yDffUpbN/99N+Xb/756Kev/vrst+/++/DHL//89Ndv//3456///vz37///
9Zsc+QBIwAJmgQZycw3qajE5z+WDctDg3PBONQUrwE4LyqiHAes3CQpAcAxiAxEAdBEWCNiiJAHa
GRRUOIVTAAI8EzHeBunXhOPhoELV0M4YRHMB3SQkZqZq2Qop+L1vwIl2/wMHDYwhDXc4xhzv8J4o
WvULPBhjgBk0yjnSMQTzTAJbOGiEHpw0EhAC4FxEnMY46vaKEjDkFq5AzjmQsRB+0P9jIM1IQQpQ
Fx4CGiSGLpgKAGABwzSEg0wnEaQAWtc3NOAtaGFhGE3gJST1jGJmAPKIb4iIIsKRxSidlJ7TatXI
T5QyR4Ob1aQi9z/Z0EM2iDljMlIWIW4MgTO2SIdjOqiEvLypK33hDgSNtAr6BBEajfjLIWYXuFHq
hXHMcY6KavJLTlDJl9A0yJu4aApW6QIsQvRfH9FwSFXGwFqocJQcwFORdPFoMTiMxLByVENTYWSR
VaohCz3CsEjdkEK1Coo0qJSOO+EKMGVgiukgiThx8gdJpgANr5gUj+PYMyyWQgMymga4JGhsUu1M
yAG4V4JfZGIMHqRgn455qZVepAj/VNIoY8Lyl5tBwEA1GeD+NBQKCHTBI0YMBS+8dJBKJSFEYKuV
PJNKiCKxlCTwaYJ8lADRp66KMTCNUx+NBKnXcaN4t/DGDHnKH58yylTTpJ2QuvWEiyymN+1SAkqX
ggwWjgI8ElMCN8PUMIuKZISQLIJb8STWJ+x1hg7zlkZ+6p7E/AGvRg3bmzoQTuY4lkZL9RAaaGdX
DbkknLr6RhmApitjMGUlmtpsMSblDX11QTR2gZc/C0jWxeIlbVv5YVJsACTg3USQFEBGZkcZ0Ga6
iyZETIEg41UK5VpnlDcSpBycmwYtZc1LqkTs8C5IEAeuUILum5wNJefdJ0zOQER4BCD7ggAAIfkE
BMgAAAAsawAKAOUAKAAABv9AnHBILBqPyKRyyWw6n9CodEqtWq/YrHbL7Xq/4LB4TC6bz02aKzaM
rdHweNT2LrptzxSELVyBUi5CMRAdZSUAABBCHYiKYBAAcpJSMQACRgcANE8gAIE4DYiIgS6JZQIC
KXyoqls0JXw4kJNLr7GSoStElQ1UpQ0uLh14aKZDxludn7KRtEnKzikAF0SMKUI2KX/EOGuv12p4
FJ5GdTjZIC50m90xNn63Rn4gscEAwG6lF3XoKdzeJXThiJGOHTYXFwCUcLEJ0jsQAoe8gsgknB+B
LrYRQVfC4LkUqugkXOgRjg1L3FDhiSFAlAA+AA60VAQtYQNuQoyxFBUKRE7/maIKGbERShQ1HKIa
JTW1E5EAdjFnMkMUsdtSn5CKAqAwRBrPJZ0yIbqQEFEvQS1FXcOxQhSEUkl9Tkq4tu3RTCBoMDqK
6EAraDsFyM3pCNKeTgDkml3TEqcQwy5SZLpmD5+9fWzwxtibM6aqShRsxPAoUiFDZn6JAmBDw5Iq
SGuRdBJMo2gHGuM22Wh5gWDLhp7olCZJqy1XHAkDVXKEo2Vng9Bw0ICUiJip1peEjFMMgBijZYIs
DWl7FilzpHJLHW+eHRE7aTdlk3u8WsihEjgOyV2upNPRQ460hd8h6zFSSCbgRedMJjacdIAQcC31
ExEKdtPSWqboM4R+hA1R/6FVRwnhXIfHyOWVhEiVB4olg1E4HzNDlOITYkmdZ0Qna8kIYWI44NiG
KYckwseHklgjDX5WvRVMMCQK8aFxHaq3IY/mefjijuud1EyVJfaRyJJMcokNCC0J5eIys+w4IwAd
gBlPEdGV8omOnSDJljEuhCIAHkTK0VoDkLDTWndGINPjlXc6ch0ixPTU5IeDEtMWc4ZSWcmehdqY
5I0ARJSmVT5Jo+kz88mpJg7wDcFIi6EE4qMzQhS1HjMNAHKBYudBU8IFJXTQEq70CdCBWMA6iSgO
jPjFyIuVDpZVCivc2iRBCClkBHxMfqrjblutoAd4nM5ZKpWhQLACJJh2sP/CCgI8iOo9YdLiVVU2
UIcIkoZCsywiZhpTb1+dFHsouIu4FJuY6A2hmij4MndifEXYQCyMpw4kFiJvnrmjuHL92xdMTiG5
cIuwGpFPSUnQoU4T0pCcRjCONXFyEmqgrDDMTSwZsxX5bBTvQSuXbIYLK+AhcX1CJ6300k6Mc89Y
TEct9dQEUUAIwVNnrfXWXHft9ddghy322GSXbfbZksRQAkQ2c6GjF+iskPEZNZusjso4A01EODRr
AwjV9iIyxtspwwIFt6LIa+g54kU4Fh5wxdYnsldFTcNMK7hQwqhuU5mEqZxsRXSIcnDrkTTU6JPC
Bb9aFRMxfSYkwEKrV5X/NCSkb+S3QWqgmg6EGkFIw0P1eN6P0Zqbxs7xR2SCBEH02AHCQtIF3Y4g
6mjTBgjRGzESEaGw8fakVrU+8LWWzD3PLebwvQ5BfPgRNPNOYLdzCmm5ZqxWHZSFzD35O8rbmhIT
NVSOgC8xQigu4JjAicxevVCQMbIiuKncqxz3kEgGQbUjRZTCV5gi0jgOpjCtTOMYzIHGLxABAsRp
YiD5S2DOFieEy03DNy+cTV6INR1CIeVLJWgJKaj0qxgkZBjJI05PaOAfefQlIp0AhmQwlRC/0IAN
EiwMi1wFrynGLBPsqNOpanNCGXGISI05AmQkQyVkqLARK3gFjwQCCXp0/2JWSiAcEQ4RooSsSSh3
FII0MOTDThRCR1JinLtAx4shOM9kYjlKKNjBCF24R2Mkgs0QJlkw2+WHTUJg0I6S8hQOysQGRKpg
ESIVHne5kRylcBdyTljDmDhyS0soxajoMh5TdEIgYuSgmHTJQRolZWOjRNER8FefpbDwF3BilhYN
4kzPafBBlQhRLAnhj1OhjkhgxOCsRvTKIZrJhgfQheNE0baIXbII1uglV6ITpzaWB0o6IhCYxCUu
JeksCRyiCpiuuLjotEaLRBDokmw2DiN2KkbWrFgmkmOE7WDwPORkzjiG2CIalCVz8ALTzo5gE8dI
Yz3fo+e4uOMda+noUv9HKMVaWNmEgDGDhM15YVes9S6EDkGTS5CGr2QpTCK8LUIEgwu4tCSpDYon
lLCM6Cdb+M456KkDa+vF0SCgB5Sc76tvc0oKgrSJt5ULWtKyCjACMQ6/CMNlF8BqWQLRFmFpzl06
XAF+LuWHRtCHCHVtUwmIWoS0tEiPFZsK1pbFKxBIixGzI9NDcTCODrAxqoMBSZ7IUUVAYPVw/qtg
DLRygCHNp56KoUD+cmQpE4qsKD7x2AWLYC/BWEkUstxXM/xnNZ/eti9JKItHEFtUpSJhsHEpmFjb
kBYBbLSo+zqObHl6uH+2wRxQ4JEb2jmQYJTEu9c9zRHUYD2gxUNlvBMm7xJUNrczzEwiebsZ1uxQ
3uqp1xlSRZt+9Zvf/fqXbL/7r4C3EAQAIfkEBMgAAAAsAQABAFwBOgAABv9AnHBILBqPyKRyyWw6
n9CodEqtWq/YrHbL7Xq/4LB4TC6bz+i0es1uu9/wuHxOr9vv+Lx+z+/7/4CBgoOEhYaHiImKi4yN
jo+BLy83kJWWWTImISw1QgERQioRMkkBIUsRAWU3CAEBL2I1krOdsrOUQ7azpDi6krxDkkY3L6Qy
s7BDx8A4wkbIzFipoREqaDUqISq801efR984otFWMqmurp6gOCGvpadK3WMmARWTYu3opuz6AR5D
+dCtC+hq3RAHAVgUoffvnKsB1nCkGoALRzoj/QYkk6aKHzwyNzz0MyGxo5VwRcK121jkhglySWoM
+MTihYl1KJfsi2cSn7v/Me1M0OJngkWImRGD7hKi9FcRFfWKtOqUyibCAJTOfbyY8pWJClyvyEOD
cIBQFRhIjaWSc0hbJC9+NkmFAdw6WRVraLq3Uxa5VDeMKiSidxORFzVkhEh2I5uKirleYAggFFfh
x5FxGIUsJJPhIyuLhNbsj6lcgKdbuqooI4ADIfIQwkqFgKKnnm5NIgRWePAQoyGiCa7RDS8OYjWw
BS+ieHkuE9uENFbBMlQABJxLBv78nLuQwnzvFlP3/d5xFdSJ0RPaaUmNALYxDvwpEh2pfTIGDPjr
Gt1r6/7h0h9+Mz3UHmr6wAIVOvuZdk519ARoxGioJbOeadXxkyERk0WE/4NIEckz2WwBQPWPRbjd
NkQruCzoSgVDOFTiQQy2gmEz9RQ4oxCToXNiQHXF5cp/RKTiW5EDujaEi661mKBFoOS3o0ruCOma
la58lERcBqU0HywswBeCLJ4Epx9MtD2GkEI36LcNWCSh6AAnOLQS3GQnRjZZZXENcOd1pvlj3pIe
yGDOjkS0g0EIjHaiaAiTYWfaoowm82ijRoQJoxD64dINCzOppcpUKIJjSgitnNgndUYK4cFLUA0g
BD0IsKBCKx2FJmQEksBnnQMv3IoVDgMgkJyok2QYFpIIqOmOTBDVAJY1fYZADCWfSOkhlbCAlax6
lCHGRFxaEsEtDnCmVP/BmUhUZd0pJn4XDny4xLWpRbJO+FO6QqzJT55wtVMuP08SFB/B6MBDUGpC
kBpmXbD1A/E0D5eKkT55thNRxUMQs1tJgwl5Y1wIxNhRKrwE9V6DDSPaVbs/QXUKQ/KCgmdKtbl8
bise4rjhEVwicW4qB97mchHykIuwf+TN2s+yN5Z0oMAawiXjwBSaJlQqH2UddRIikTSiyRFUsJjJ
Eb+XIoovhDlAezIW5CqursAyU0UzjRwAxPxw+vQp9WFAyYKjXJxdScHss/A3KHe1t5c3hpmtEHH9
PIwrRbv1JeLqsntE0orvjUwyO4lTz+ig/dS4q6FvuPJi9GCdWmg3+Pr/dYXuNQko2kZ0Yy/UFlON
rinQ4EBPBDWNjdCBF+laejst1zSUOK3898JEnPGLtElKt+MB6kTjPBNL5zYzUSeVPzGZA9md22FK
2sCHJvf7hFkyRh+1lq8So+1JIyleE0KYThQ7fVWnfzsKYACNgJCgIOlzJnGIqaRDL+NFZXu8aEW3
diQ5vXWtI9prSd5MVh238Sdx8FJSEURSrmzJT3O3c1dceraEG5TlVSH4z7laszejdGIftMoO6ODR
CuSxwB5lQpIDVMCCRaUuGTLpYRFv17HrsMAEM5HdAX/SmvtdShuTYhQYjxCrABRtLRFTBjomyKN9
RBEDtuIVPyrQxLrh/wgiAfEgaigHHwzY5H5+PB47WACq/XHIFRjQBB05h6NTtIkmLJBjFJFngh+C
Ila8ONcmCslHYFmuJT1aI5SiBip0wGIn6+PMEDtDtwBkUks1uIor4iQauUipILhYIMLAosVabiQV
1ljYfPTRJSLU7oK8294h18aVLgpQR648jixlw7ohIUSPphlChB5yHHQgwG4PoeVCoHmKVeJABq3k
BTpNOcoPXQdbm8OVWaRzlYEpgRiSONwzxqOFWyzhGOJ6glOgENBLjCufhHFdQaWAz40QgxnOUAJA
M7clhB6Gn1KIaDAGZdCOevSjIA2pSEdK0pKa9KQoTalKV8rSlrr0pWgwjalMZ0rTmtr0pjjNqU53
ytOe+vSnQA2qUIdK1KIa9ahITapSl8rUpjr1qVCNqlSnStWqWvWqWM2qVrfK1a569atgDatYx0rW
spr1rGhNq1rXyta2uvWtcI2rXOdK17ra9a54/WgQAAAh+QQELAEAACweACEAKwEQAAAG/0CccEgs
GomRwHHJbC5DgZeT+QqEpljj7SUt1l41HJcrI3LDw1eZuB27b1lZxDONRLL4/NETKVevTQF3R1ZT
XHpLSYhLMnRLKoA4UF2If4tmGFoBAWhDFQEsOJujCGubg0KCRVWjrZROVahMm5e1TklSloGyRIVO
tLZCisHCSkuqQpOXurXDRRgBJmwBCKkOLx4I1KmblMhDbS8OUVxwxOfosL6zvEPrs8YyJiGhaTI3
LCFraSEqNc5eTJi498IcDhkh9An5Mu4QERlVrpWZJM9EJyH5LB75IwPSRRwZL8pjUYMhuSIsAjgg
YiKAI2Q3Bhij9u2bEWdf8IUwl0+hkP8taGTcy1dPiBohEMX0M4ijhsCCBY/UgKTC3FF7C+dVHZJU
zDqE9HpFmOozVaQbVJluazlqZSoEMjc5wgFt0wBtR1KO+tTFQ6tMUFoVSTLqDhTCAQasuTHO7iuj
Klup+Nl402QcnzYlbGWMiLZO49B80wZHELTLNgd3htJYSuZN0rwCiuCgcqZUg5LUVWlORtzIjw+2
GhCGNNIAmfRucmBumC62myq4gzvqtihAvkcRd3dHhQehSVBTU5EdTpUBKsQBYyPze91cKtOPk2HS
IdeIRwNjqAHl9qcK8qhkBCsAQjEAHNBUMNVdTQlyQw30qWffEFAAUoOAuAnR0gC4XVj/jSjtDOGM
flF5YBELMkE223g1aGNKbomFUMMnl2mDwQvvGSEDBiT5RYdfl/kVyo5qJBGbc754J1RD3ETwggky
deGLNvpAM5dN2PiyiTl+SQFNbBd2NoQKAUgnhDZeBnAZmSuyQyFy3L01RGirbCMEjTjIZA40aqh0
EUBEeCgEkO5whpphaoLIxIhwFrEFk7okgYYyiuIQnopeuWVpFEx0pIoMZZ75IVct3YZkJEZBA8iW
GrpklldmisJhhiwgpiUqyiSxzzhGQBEbXZzaGl0xbiYDSpyscPZYFXO1dAVn3eDQmAfNialaGXAZ
lFgEFcgYZ0zVpIbEascO4UFlnEY6/2oVUsKIxoVXtDQXpQ9V8Nsg49wAqiNytAIjpjioYOuqmsby
KnSCdRjjk7e+KQUuQ+BVRIVD8LmpCW6sAahYDscJKgJuRGVGo5IUkljIk8pkqrVEkOlBFdZVWgQy
FYorIrmUtORAehZHigq7GW7aS7wkd2mENi8bjENL3gWwxgADhPBCSv/KJtwAGDtrTRrIFEJmBSHP
GUFKjmgtszJQOBKmESm5FROnfsV8M1McG+vNIDLts5Gd0nKqTVGOIrMxOHdZHKcRMEFtM7F237wG
pL7YwXW7jL/6sTloFgHqIFQvVCYCH1ZhJplVW+LroFpygvqqV4A66xIe5iPTqrhyGv+mQHEdoQ0C
HsQlRZg8ClyxSyQhruZk9CLjFwIYexAr19TkY6eBUocgHUIvpF2MB8UbUdeoQc+MCpmLC914qxWw
kKPPkwcNkC/jIBCCNpwWoY0KKmiDSmaxxTQACybQH+MsASoHsKB3qcMaW0Szop2pLxK0CAxyGnY+
8lHjE0eQAf24VT8V/OZ1L/CdEfwSwfpV6gavCVWdMBAXxZirFdJJFgLQoJzgeCUa4iOELASYCJyB
wzbpitzP6ic4MfmiX9RoSXA8uBwHjG8TnYDOOErni92oKhUVoF+iXtUUdP0KGEDJwxf05gSjpWFC
TUHjfcgIOzLAQmRD+MJV0khGOaZY444LsSEeO7aRjzQBDHjYAt3u48eHnGGPTUgPUqCGyEY68pGQ
ZIIK6lEDmRQykpjcI/0ac5lMevKToMwCYQgzl1CaMhjZs0NZTsnKVmISIRWYgx5dGYwgAAA7
------=_NextPart_000_0000_01C08965.CBA7AE00--
![http://www.phoneboy.com/gif/display.cgi?vpn_maze_trn.gif"](http://www.phoneboy.com/gif/display.cgi?vpn_maze_trn.gif"){kind=link}
