Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Help with SecureClient configuration

To: [email protected]
Subject: [FW-1] Help with SecureClient configuration
From: Shawn Kearley <[email protected]>
Date: Thu, 8 Nov 2001 15:41:45 -0330
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I hope someone can help me here, I do not know where to look for this.

I am attempting to configure and test SecureClient to communicate with my
network.  I have installed Evaluation licenses on my Module and Management
stations to ensure there is no licensing issues.

I have define a Policy Server, which is defined as my Firewall, set up the
Encryption to use IKE.  Checked "Exportable to SecuRemote, and checked
"VPN-1 and Firewall-1 authentication for SecuRemote (Hybrid Mode).  Defined
a User and User Group which contains the user, with the User's encryption
set to IKE.

I have the following like in my Rule base:

        Remote_users@Any       Internal Networks      Any      Client
Encrypt

I have installed SecureClient on my Laptop (Win2000) and defined the
encryption scheme to be IKE.

When I attempt to establish a connection to my corporate network however I
am unsuccessful, here are the symptoms:

        with Authentication defined as SecurID or FW1 Internal
Authentication - attempts to authenticate fail, an entry is displayed in the
log file stating: "Refused Topology request.  Authentication scheme not
allowed for user"

        With a Authentication defined as Unknown, and a password set on the
IKE property, authentication is successful, however communications still
fail.  information on this:

        Attempt a "Create Site" or "Update Site"
                        Authentication successful - entry in log file: "User
Authenticated by Firewall.  Sending encryption topology scheme SSL"
                        Receive a message indicating a policy is defined, do
I wish to download.
                        A short while later an Error message on client is
displayed - "Error: Communication with site a.b.c.d has failed."

                Attempt to access resource within the internal network:
                        Authentication requested
                        Error message displayed as indicated above,
communications fails
                        No entry in log file.

Any ideas as to what may be the cause of the communication failure?

Some Technical information
        Firewall - version 4.1 SP4 Strong on WinNT
        Client - Win2000 with SecureClient 4.1 SP-4 3DES Build 4188
        Internal Net using 192.168.0.0 scheme
        Client connecting using an ADSL connection. (I have confirmed that
the IP address assigned to my Laptop is the IP seen at the Firewall, so no
NAT is taking place at the ADSL provider)


Thanks in advance for any information or assistance you can provide to help
me in this.

Shawn Kearley


======================================
Shawn Kearley
Infrastructure Analyst
Newfoundland Power Co. Ltd.

Phone:Fax:Email: [email protected]



======================================
Shawn Kearley
Infrastructure Analyst
Newfoundland Power Co. Ltd.

Phone:Fax:Email: [email protected]

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: [FW-1] Problems NATing to 1 valid address
Next by Date: Re: [FW-1] Do ppl log Deny Any Any?
Previous by thread: [FW-1] Problems NATing to 1 valid address
Next by thread: [FW-1] Passing X11 traffic with double natting
Index(es):
- Date
- Thread