Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] SecuRemote and NAT

To: [email protected]
Subject: [FW-1] SecuRemote and NAT
From: Michael Lea <[email protected]>
Date: Wed, 7 Nov 2001 11:36:45 -0600
Mail-followup-to: [email protected]
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>
User-agent: Mutt/1.2.5i

I stumbled across an odd "problem" when testing SecuRemote from behind
an SMC Barricade cable router. The tests were done using FW1 4.1 SP2 and
various SecuRemote builds from 4003 to 50239. The firewall's objects.C
contains the magic ":userc_NAT (true)" & ":userc_IKE_NAT (true)" lines
to enable NAT. We're using FWZ un-encapsulated encryption.

What was odd was that I was able to establish encrypted connections from
as many as 4 NATted boxes concurrently, even though everything I've seen
indicates that this isn't possible to do with FWZ encryption.

Does anybody have any ideas why this worked? Thanks.

--
Michael Lea              |  Unix is very simple, but it takes a genius
[email protected]  |  to understand the simplicity.
                         |    - Dennis Ritchie

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: Re: [FW-1] Out of office assistant
Next by Date: [FW-1] Protocol 50
Previous by thread: Re: [FW-1] Out of office assistant
Next by thread: [FW-1] SecuRemote and NAT
Index(es):
- Date
- Thread