NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SecuRemote behind ADSL



Hi all


Correct,it´s nat which breaks securemote, but how do you access the internet with a private ip address, if not making nat to the public ip given by your ISP to the adsl interface of the router?

You must nat your private ip address to the router´s public one, because
normally you don´t have one public ip address for each pc behind the
router, but only one for the router and private addresses for the pcs.

From that moment securemote stops working; you can authenticate but
nothing more, no link available to the internal machines and yes, on the
firewall log you see the private ip address of home, not the natted public one.

regards


At 07:45 12/11/2001 -0800, you wrote:
It is NAT.  Turn off NAT and it will work.  See
Phoneboy and CP documents for NAT with SecuRemote.
--- Ivan More <[email protected]> wrote:
> Hi,
>
> I am quite new to FW and I have a problem, hope that
> someone could help me. We are using FW ver4.0
> (running
> on NT) and using securemote through dial-up has got
> no
> problem. But we have some users who are using ADSL
> at
> home. They have got an ADSL router that is able to
> perform NAT. But he has problem using securemote
> (build 4176) to logon.
>
> From the Fw log,
>
> Action     source       destination  Proto
> drop       vaild IP     FW valid IP  ICMP
>
>
> The user has 4 PCs connected behind the ADSL router.
> Before starting the Securemote, he was able to ping
> our Firewall valid IP (it was dropped by FW because
> ICMP was disabled). From the FW log, we see that the
> source IP is a valid IP (NAT on ADSL router) from
> his
> ADSL router.
>
> From the Fw log,
>
> Action     source       destination  Proto
> authcrypt  internal IP
>
> Once the securemote is started, he was able to
> authenticate to the FW. But on the FW, we see his
> internal IP. From here on, there is not more trace
> of
> his connection. ie he is not able to access anything
> on our network.
>
> Have you faced the same problem? Any suggestion will
> be appreciated.
>
>
> Cheers,
> Ivan.
>
>
>
>
_______________________________________________________
> Build your own website in minutes and for free at
> http://ca.geocities.com
>
> ===============================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ===============================================


__________________________________________________ Do You Yahoo!? Find a job, post your resume. http://careers.yahoo.com

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Jesus Calvo SchlumbergerSema Spain Albarracin 25 28037-Madrid

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of SchlumbergerSema.
If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.
------------------------------------------------------------------

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.