[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SecuRemote and Cisco Pix
> The service I try, be it Telnet or Net Support (port 5405) is now decrypted > fine, with a source address shown as the remote Pc's real address in the > log: This is correct behavior. If you would rather the SR client appear to have an IP on the office network, you can either enable IP NAT Pools or try using "Office Mode" in NG. > But there is no sign of real conenction between the remote site and the > target eg no response to the telnet request. Can you check the network table of the host you are trying to connect to to see if it is seeing the connection? For example, open up a connection from the SR client to a server in the encryption domain and then type: netstat -an on that system. You should see a connection to that server from the SR clients real IP address and on the port for the service you are using. Also, the system behind the PIX has an IP address in the 192.168.24.x network, but what is the IP address of the server you are trying to connect to? If it is also on the 192.168.24.x network, the server is going to respond to the traffic locally, instead of sending it back to the firewall. -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|