NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: RE: [FW1] SecureRemote via Internet connection sharingthrough a DSL



This does work, according to http://www.phoneboy.com/
(if you haven't been there, go now and you can give up
this mailling list!  :)

http://www.phoneboy.com/faq/0141.html
http://www.phoneboy.com/faq/0030.html

--Regis

> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]]On Behalf Of
> Jesus Calvo Hernandez
> Sent: Sunday, July 29, 2001 3:56 AM
> To: Chris Moore
> Cc: FW1-list (E-mail); 'Mike Sponsler'
> Subject: Re: RE: [FW1] SecureRemote via Internet connection
> sharingthrough a DSL
>
>
> Hi all
>
> I´ve faced the same problem: nat and securemote together do not work.
> It seems that the encryption performed by securemote somehow hides all
> trace of internal private ip addressing on the home site so the nat
> router is not able to nat the internal private address to the public ip
> routable on the internet. That way the packet arrives to the firewall
> with a private ip address and no return is possible to home devices, as
> that ip is not routable. The encrypted packets do arrive to the
> firewall gateway, I´ve seen it on the log, but with private addressing
> (not natted to the public ip of the adsl router), so when returning
> packets they are dropped by the boundary router of the firewall.
>
> What´s funny is that other different encryption clients (Altavista
> tunnel if you know it) do work under the same conditions. So Altavista
> seems to do the thing right, encrypting only data and not the tcp
> header in order to let the router nat the packet correctly to traverse
> the internet to get to the company and then back to the home device.
> The sad thing is that Altavista is out of production, as Compaq bought
> Digital and obsoleted it.
>
> So if Altavista is able to work what makes it different from securemote
> that makes this last unusable on adsl routers performing nat? And best,
> how can we make securemote behave like altavista in terms of nat, if
> possible? These two questions remain to be answered in order for me to
> tell my bosses (who all have nat routers with adsl at home) what to do
> to be able to work at home like they were at the office.
>
> Any hint from any charitable soul would be much appreciated.
>
> Best regards
>
>
>
>
>
> ----- Original Message -----
> From: Chris Moore <[email protected]>
> Date: Friday, July 27, 2001 2:25 pm
> Subject: RE: [FW1] SecureRemote via Internet connection sharing through
> a  DSL
>
> >
> > Mike,
> >
> > SecuRemote can work over broadband (DSL or cable) with some
> > restrictions.In my experience, the most common failure is the user
> > is using the same IP
> > addressing scheme as our internal network.  Sometimes this is not
> > modifiable, so it will not work, period.  In other cases, the user
> > has to be
> > a member of a particular workgroup/domain to gain Internet access
> > thru his
> > provider.  This has worked as well, but the user must enter his
> > domain\account info whenever he wants to access our network resources.
> > Then, there is the case where the DSL service utilizes the PPPoE
> > protocol.I've been successful using the RASPPPOE dialer available
> > on the Internet to
> > assist here.
> >
> > Finally, if there is any NAT at the user's end, SecuRemote will
> > not work (in
> > my experience).  This happens with users behind routers performing
> > NAT, and
> > with Internet Connection Sharing.  Although I haven't tried it
> > yet, but I've
> > heard using UDP encapsulation will resolve this.
> >
> > -------------------
> > Chris Moore
> > [email protected]
> >
> >
> > -----Original Message-----
> > From: Mike Sponsler [mailto:[email protected]]
> > Sent: Wednesday, July 25, 2001 11:05 AM
> > To: [email protected]
> > Subject: [FW1] SecureRemote via Internet connection sharing
> > through a
> > DSL
> >
> >
> >
> > Greetings,
> >
> > I've got a few users on my network that are running internet
> > connection
> > sharing through thier DSL/Cable Modems at thier homes.  Has anyone
> > ever
> > had anything like this work?  It makes me nervous that checkpoint
> > doesn't out right support DSL or Cable modems, and reading through
> > phone
> > boy's website, it seems that you basicly have to hack the secure
> > remote
> > install to get SecureRemote to work at all via a DSL or Cable modem.
> >
> > I'm running FW 4.1 sp3 on a NT boxen.  I'm not sure what kind of
> > DSL/Cable modems my co-workers have.  Any advice in general for
> > this
> > would be well appreciated.
> >
> > --
> > Mike Sponsler
> > [email protected]
> >
> >
> >
> >
> >
> ========================================================================
> ====
> > ====
> >     To unsubscribe from this mailing list, please see the
> > instructions at
> >               http://www.checkpoint.com/services/mailing.html
> >
> ========================================================================
> ====
> > ====
> >
> >
> >
> ========================================================================
> ========
> >     To unsubscribe from this mailing list, please see the
> > instructions at
> >               http://www.checkpoint.com/services/mailing.html
> >
> ========================================================================
> ========
> >
> >
>
> ------------------------------------------------------------------
> This email is confidential and intended solely for the use of the
> individual to whom it is addressed. Any views or opinions
> presented are solely those of the author and do not necessarily
> represent those of SchlumbergerSema.
> If you are not the intended recipient, be advised that you have
> received this email in error and that any use, dissemination,
> forwarding, printing, or copying of this email is strictly prohibited.
> ------------------------------------------------------------------
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.