NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Address Range as part of Security Police?

Are you trying to create a Site-to-site VPN or a client VPN with secuRemote/Client?

Off the top of my head, I'd guess that you are wanting a client VPN, since it does not seem likely that the remote site would for sitte-to-site would use a dynamic range of addresses.

For the client VPN you would not normally restrict the source address at all.. although you could if you wanted to..
Create the user
Create a group for this VPN access
Add user to Group
Create rule:
Source: add user access and you could restrict to the address range if you wish
Destination: allowed servers/networks
Service: what you expect
Action: Client Encrypt

Is this what you were after?

    Joe


RBHATIA wrote:
I'm trying something similar but I wasn't sure if this what you were talking
about.
I need to add a rule that will allow a VPN user access to one server in my
network. That VPN user will be coming in from a range of IP's (this range is
a consecutive range but includes approximatly 15 addresses). I created a
Range for these IP address but when I try to create the new VPN user and
restrict access to SOURCE from the above range I only see Workstations and
Groups (no Ranges are listed in available sources).
Please advise.

-----Original Message-----
From: Fernando Hagelsieb C. [mailto:[email protected]]
Sent: Monday, August 13, 2001 10:55 AM
To: Velasquez Venegas Jaime Omar; FW1-MailingList (E-mail)
Subject: Re: [FW1] Address Range as part of Security Police?



Hi:

Maybe you can try using a Network object or group instead of usin
g address
range.

I know that's not a good solution but I think It's an util workaround and
you wont have any trouble about it.

Maybe another person has resolved this issue on a more elegant way, that's
only one suggestion.


----- Original Message -----
From: "Velasquez Venegas Jaime Omar" <[email protected]>
To: "FW1-MailingList (E-mail)"
<[email protected]>
Sent: Friday, August 10, 2001 6:05 PM
Subject: [FW1] Address Range as part of Security Police?


Is there a way to insert an address range object into a rulebase, say in
Source field of security policy?

Jaime O.



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html

============================================================================
====




============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



  
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.