NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Securemote: Encrypt every connection ???



On Tue, Nov 20, 2001 at 06:49:29AM -0800, michael toietwq wrote:
> Dear All,
>
> I need to configure Securemote, that _every_
> connection, is tunneld encrypted to the firewall !!
>
> The obvious Solution, defining a network "inter_net"
> as:
>
> IP 0.0.0.0 Mask 0.0.0.0,
>
>  and a rule
>
> Src: user@Any
> Dst: inter_net
> Service: Any
> Action: Client Encrypt
>
> does _not_ work. ( Config seems to be ok, and if i
> change the IP/Mask, Encryption works...). It seems,
> that the SecureClient (NG!) has problems with this
> Network, because it even doesn`t start encrypting..
>
> Anyone have any idea how to solve this Problem ??

        Using an IP of 0.0.0.0 with a 0.0.0.0 mask matches every packet
        and is incorrect. VPN's have a concept of encryption domains and
        encrypt data only belonging to that domain. Matching all packets
        breaks this concept. You need to distinguish what is behind the
        VPN and what isn't and userc.C will reflect this.

        If you setup the VPN per the doc/phoneboy it will encrypt all
        traffic destined to your site as advertised.

                                        alan

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.