| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] newbie's question on securemote
Hi,
I am new to Securemote and sorry if this question was asked before.
Let me start with configuration
I have a Securemote client (Ver 4.1 SP5 DES)sitting behind CheckPoint 4.1
SP5 firewall with private IP address ( 10.x.x.x). Communiation wthe remote
Securemote Server is through static NAT.
Now the problem - As experinced by many users,i am able to establish
session between cleint and remote Secureote Server but not able to
communiate with systems inside remote network.
As mentioned in FAQ's available in phoneboy and as through the
information available in this mailing list i assume this might be because
of same Network IP address range being used by both sites. In this case my
question is that
1. Is FWZ encryption scheme without encapsulation( which i think does not
comrepss IP header information) is the solution to solve this problem ?
2. How do i set FWZ with and without encapsulation at the client ( What i
see is that only options for advanced IKE settings- force UDP encapsulation
and support IKE over TCP) and no options under FWZ scheme.
3. I have read that if FWZ encryption is used the UDP source port address
during authentication willbe port 259 and port 500 if ISAKMP encryption is
used. Eventhough i set the encrption scheme to FWZ i still see( through
snoop at my firewall) packets from UDP ort 500 only what is the reason for
this ?
With thanks in advance
Krishna
===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================
|
|
