Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SecuRemote behind ADSL

To: [email protected]
Subject: Re: [FW-1] SecuRemote behind ADSL
From: Jimmy Godbout <[email protected]>
Date: Mon, 12 Nov 2001 12:58:48 -0500
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi,

I have a cable connection at home and some adsl at co-workers' home &
everything works fine. We're using a firewall that does some nating on the
user end + securemote on the machines which need to connect to our corporate
firewall. Try connecting straight to the resource you want to use from the
user's end point.

Regards,

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Jesus
Calvo Hernandez
Sent: Monday, November 12, 2001 12:31 PM
To: [email protected]
Subject: Re: [FW-1] SecuRemote behind ADSL


Hi all


Correct,it´s nat which breaks securemote, but how do you access the
internet with a private ip address,  if not making nat to the public ip
given by your ISP to the adsl interface of the router?

You must nat your private ip address to the router´s public one, because
normally you don´t have one public ip address for each pc behind the
router, but only one for the router and private addresses for the pcs.

 From that moment securemote stops working; you can authenticate but
nothing more, no link available to the internal machines and yes, on the
firewall log you see the private ip address of home, not the natted public
one.

regards


At 07:45 12/11/2001 -0800, you wrote:
>It is NAT.  Turn off NAT and it will work.  See
>Phoneboy and CP documents for NAT with SecuRemote.
>--- Ivan More <[email protected]> wrote:
> > Hi,
> >
> > I am quite new to FW and I have a problem, hope that
> > someone could help me. We are using FW ver4.0
> > (running
> > on NT) and using securemote through dial-up has got
> > no
> > problem. But we have some users who are using ADSL
> > at
> > home. They have got an ADSL router that is able to
> > perform NAT. But he has problem using securemote
> > (build 4176) to logon.
> >
> > From the Fw log,
> >
> > Action     source       destination  Proto
> > drop       vaild IP     FW valid IP  ICMP
> >
> >
> > The user has 4 PCs connected behind the ADSL router.
> > Before starting the Securemote, he was able to ping
> > our Firewall valid IP (it was dropped by FW because
> > ICMP was disabled). From the FW log, we see that the
> > source IP is a valid IP (NAT on ADSL router) from
> > his
> > ADSL router.
> >
> > From the Fw log,
> >
> > Action     source       destination  Proto
> > authcrypt  internal IP
> >
> > Once the securemote is started, he was able to
> > authenticate to the FW. But on the FW, we see his
> > internal IP. From here on, there is not more trace
> > of
> > his connection. ie he is not able to access anything
> > on our network.
> >
> > Have you faced the same problem? Any suggestion will
> > be appreciated.
> >
> >
> > Cheers,
> > Ivan.
> >
> >
> >
> >
>_______________________________________________________
> > Build your own website in minutes and for free at
> > http://ca.geocities.com
> >
> > ===============================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ===============================================
>
>
>__________________________________________________
>Do You Yahoo!?
>Find a job, post your resume.
>http://careers.yahoo.com
>
>===============================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>===============================================

Jesus Calvo
SchlumbergerSema Spain
Albarracin 25
28037-Madrid

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual
to whom it is addressed. Any views or opinions presented are solely those of
the author and do not necessarily represent those of SchlumbergerSema.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding, printing,
or copying of this email is strictly prohibited.
------------------------------------------------------------------

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- Re: [FW-1] SecuRemote behind ADSL
  - From: Jesus Calvo Hernandez <[email protected]>

Prev by Date: [FW-1] Request to proxy error
Next by Date: Re: [FW-1] NG or Provider-1?
Previous by thread: Re: [FW-1] SecuRemote behind ADSL
Next by thread: [FW-1] Novell File and Print Services
Index(es):
- Date
- Thread