Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] check point NG securemote

To: [email protected]
Subject: [FW-1] check point NG securemote
From: Marc Kisner <[email protected]>
Date: Fri, 14 Dec 2001 09:11:44 -0000
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi

Going thru the Check Point NG Mgmt-2 labs I'm having a problem with Lab 16
(The SecuRemote one)

set it up as per the instructions... so....

1) Defined SecuRemote users bob and mark - IKE enabled the users -
enabled public key signatures

enabled VPN-1 / Firewall-1 authentication for SecuRemote (hybrid mode)
Put them into the group SR_users (as per the instructions) & then installed
the user database


2) Created the following rules on the SecuRemote Server.... (as per the
instructions)

        Source                  Destination             Service
Action

1       Rule allowing net madrid out
2       SR-Users@any            net_madrid              any
client encrypt
3       Clean up rule

3) Install SecuRemote created the site - accepted the certificate hash - all
succesfull -  however when I try too FTP or browse the site www.madrid..cp
the connection times out...

4) The log file records......

        Key install succesfull
        User authenticated by firewall - sending SSL encrypted topology
using IKE authentication
        drop ftp-pasv rule 3  (clean-up)
        drop http rule 3 (clean-up)

Anyone know why this is happening after I've authenticated OK - connectivity
is fine - but somethings wrong ?
Marc Kisner
Harrier Group

Switchboard:    +44 (0)Facsimile:      +44 (0)Mobile: +44 (0) 77740 431 598
DDI                     +44 (0)Email:  mailto:[email protected]
Web:    http://www.harrierzeuros.co.uk

Privileged/Confidential Information may be contained in this message.  If
you are not the addressee indicated in this message (or responsible for
delivery of the message to such person), you may not copy or deliver this
message to anyone.  In such case, you should destroy this message and kindly
notify the sender by reply email.  Please advise immediately if you or your
employer do not consent to Internet email for messages of this kind.
Opinions, conclusions and other information in this message that do not
relate to the official business of my firm shall be understood as neither
given nor endorsed by it.

=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
If you have any questions on how to change your
subscription options, email Ron Alcatraz at:
[email protected]
=================================================

Prev by Date: Re: [FW-1] Checkpoint NG FP1
Next by Date: [FW-1] RPC Traffic (TCP 135)
Previous by thread: Re: [FW-1] Checkpoint NG FP1
Next by thread: [FW-1] RPC Traffic (TCP 135)
Index(es):
- Date
- Thread