[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] newbie's question on securemote
Hi, I am new to Securemote and sorry if this question was asked before. Let me start with configuration I have a Securemote client (Ver 4.1 SP5 DES)sitting behind CheckPoint 4.1 SP5 firewall with private IP address ( 10.x.x.x). Communiation wthe remote Securemote Server is through static NAT. Now the problem - As experinced by many users,i am able to establish session between cleint and remote Secureote Server but not able to communiate with systems inside remote network. As mentioned in FAQ's available in phoneboy and as through the information available in this mailing list i assume this might be because of same Network IP address range being used by both sites. In this case my question is that 1. Is FWZ encryption scheme without encapsulation( which i think does not comrepss IP header information) is the solution to solve this problem ? 2. How do i set FWZ with and without encapsulation at the client ( What i see is that only options for advanced IKE settings- force UDP encapsulation and support IKE over TCP) and no options under FWZ scheme. 3. I have read that if FWZ encryption is used the UDP source port address during authentication willbe port 259 and port 500 if ISAKMP encryption is used. Eventhough i set the encrption scheme to FWZ i still see( through snoop at my firewall) packets from UDP ort 500 only what is the reason for this ? With thanks in advance Krishna =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|