Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] SecuRemote question

To: [email protected], [email protected]
Subject: Re: [FW1] SecuRemote question
From: "LAN Guy" <[email protected]>
Date: Thu, 02 Aug 2001 15:13:25 -0400
Sender: [email protected]

If the normal default gateway for hosts on your network is different from the incoming gateway that your SecuRemote clients use, the connection will fail because the return packets won't be going back out through the firewall. You can get around the problem of routing return SecuRemote packets through the wrong gateway by hiding the source addresses of incoming SecuRemote connections behind the firewall's internal address. That way, the internal host's return packets will be directed to the firewall, which will then forward them back to the original SecuRemote client address. The procedure is decribed in the document at http://support.checkpoint.com/kb/docs/public/securemote/4_0/pdf/srhide.pdf. I tried it in a similar situation and it solved the problem you describe.

From: "Kondisetty, Sudhir" <[email protected]> To: "'[email protected]'" <[email protected]> Subject: [FW1] SecuRemote question Date: Tue, 31 Jul 2001 16:44:43 -0400

Hi folks,

It's my understanding that the "external" NIC on the firewall is the only one that responds to SecuRemote clients. Is this truly the case? My client has two Internet connections: One is for standard communication by users in-house. They would like to dedicate the second connection purely to VPN usage.

Can this be done? If a secondary card is able to respond to SecuRemote clients, won't the returning data be routed through the default gateway? If the SecuRemote entry point is different, won't the connection fail? Plus, I thought that when you set the license for VPN-1 and Firewall-1 to the external NIC card, it is the only one that can respond to SecuRemote requests.

Hopefully, this makes some sense. It's a heck of lot easier to diagram then to explain in words! If anyone understands my question, please let me know what you think.

Sudhir
================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] CP 4.1; logging messages through another Nokia.
Next by Date: Re: [FW1] SecuRemote question
Previous by thread: RE: [FW1] SecuRemote question
Next by thread: Re: [FW1] SecuRemote question
Index(es):
- Date
- Thread