NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] securemote+ip pool nat+ X11



Hi Scott


first of all thanks a lot for your help;  the method though complicated
is really fantastic; I´ll test it next week because it is worth of it.

Our users are also click and drool, so I have to stick to this.

Best regards and Merry Chistmas to all of you.

Jesus Calvo

----- Original Message -----
From: "Davis, Scott" <[email protected]>
Date: Friday, December 21, 2001 9:16 pm
Subject: Re: [FW-1] securemote+ip pool nat+ X11

> Yeah, ssh is much easier, but we have users who are strictly click and
> drool, that would have no idea how to maneuver in a command line
> mode :)
>
> Scott
>
> -----Original Message-----
> From: Paul Cardon [mailto:[email protected]]
> Sent: Friday, December 21, 2001 2:48 PM
> To: [email protected]
> Subject: Re: [FW-1] securemote+ip pool nat+ X11
>
>
> Or use ssh with X11 forwarding and avoid all that configuration
> nastiness.
> -paul
>
>
> Davis, Scott wrote:
>
> > It took me a long time, but I finally got it to run.  Here are
> the steps I
> > used to make it work.  I got them from a collections of news groups,
> > checkpoint and phoneboy.
> >
> > 1. Make sure the Exceed X-Server is running on the client.
> > 2. Create a service of type Other, in the match field enter
> > "tcp,dport>=6000,dport<=6063,<dst,0> in userc_rules"
> > 3. Create a rule Source = X-Servers Destination = NAT Pool IP's
> Service =
> > Name of the Service Created in Step 2 And X11.
> > 4. Create a script file on the X-Server with the following lines :
> >         #!/bin/ksh
> >         /bin/ksh /usr/dt/bin/Xsession -display `who am i | sed -e
> "s/^.*(//"
> > -e "s/).*/:0/"`
> >
> > 5. Add the line " DISPLAY=`who am i | sed -e "s/^.*(//" -e
> "s/).*/:0/"` "
> to
> > your .profile (Solaris Only) or whatever file you use for
> environmental> variables.
> > 6. Create a new XStart on the client with the following
> configurations :
> >         Start Method - Telnet
> >         Program Type - X Window
> >         Login - user id
> >         Password - Password
> >         Host - Name or IP of the X Server
> >         Host Type - Type of Unix
> >         Command - /home/user/script file created in step 4
> >
> > Here is how it all works. Step 1, you have to have the X-Server
> listeningon
> > the Client for the connections back from the X-Server. Step 2 create
> service
> > for Step 3 (Duh !) Step 3 This allows the connections back from the
> X-Server
> > to the client. Step 4 this was the problem for me, the X-Server kept
> trying
> > to display back to itself the X Session.  This line pulls the
> NAT pool IP
> > address from the client connection and uses it for the display.
> Step 5
> also
> > puts this into the environmental variable, In my case something
> in the
> > X-Server was also using this variable, you may not need it.
> Step 6 is
> > setting up the client to use the script you created in step 4.
> Hopefullyif
> > all will work after this.  On a side note, we had clients using the
> Linksys
> > router/firewall, they had to take an additional step of mapping
> ports> 6000-6063 to the IP address of the client machine to make
> it work.
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

------------------------------------------------------------------
This email is confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of SchlumbergerSema.
If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited.
------------------------------------------------------------------

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.