Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Sending FW-I GUI Client traffic through a SecureClient VPN

To: [email protected]
Subject: Re: [FW-1] Sending FW-I GUI Client traffic through a SecureClient VPN
From: Mark van Kerkwyk <[email protected]>
Date: Thu, 6 Dec 2001 07:07:57 +0000
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Make sure ":fwm_encrypt (true)" is set in your userc.c file.

Mark




                    Tim Jones <[email protected]>
                    Sent by: Mailing list for discussion       To:     [email protected]
                    of Firewall-1                              cc:
                    <[email protected]       Subject:     [FW-1] Sending FW-I GUI Client traffic through a
                    point.com>                                  SecureClient VPN


                    05/12/2001 23:53
                    Please respond to Mailing list for
                    discussion of Firewall-1






Hello.

I'm having two issues with FW-I 4.1, SecureClient, and
the FW-I GUI client that I'm hoping someone can help
me with.  Here they are:

1) Our VPN encryption domain is 192.168.0.0/16.  One
of the management station's interfaces uses an IP in
this range; however, when trying to connect to that IP
with the GUI client while connected to the VPN, it
doesn't work.  It seems that the traffic doesn't try
to go through the VPN despite the fact that the
destination address is in the encryption domain.  When
pinging the IP, however, the traffic does indeed go
through the VPN, and the ping is successful.

I ran across this link:
http://support.checkpoint.com/public/publisher.asp?id=faf384f6-d59e-11d4-a57a24&resource

&number=4&isExternal=0.


It only deals with NG, however -- the crypt.def entry
that it references isn't present on our management
station.

So, is there any way to tell GUI client traffic to go
though the VPN with version 4.1?

2) Our management station also has an external,
routeable IP address.  For whatever reason, it's
possible for me to connect to the GUI client via this
IP address while connected to the VPN using an
"Encryption Only" policy.  This external IP isn't in
the encryption domain, however, and nothing else
outside the encryption domain is accessible in this
manner.

Does anyone know why this is the case, and, how to
prevent it?

All help is appreciated.  Thanks!

__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: [FW-1] yahoo blocking
Next by Date: Re: [FW-1] new virus (?)
Previous by thread: [FW-1] RACAL RG 6000
Next by thread: [FW-1] VPN layout
Index(es):
- Date
- Thread