|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SecuRemote through NAT device???
> Question is, does my firewall box know to send the 192.168.x.x > traffic back to the SR client it originated from. Your firewall should be sending the traffic to the default router which would be the correct behavior. > Actually, it wouldn't even > be coming from a 192.168.x.x address would it? Wouldn't my client side > Linksys device repackage the packet as if it was coming from the public side > of Linksys device assigned through DHCP by the ISP? After all, that's what > NAT is all about. But SecuRemote interferes with this procedure. Yes the UDP encapsulated packets are rewritten, but when CheckPoint decodes the encapsulated packets, it discovers the original address (the 192.168.x.x address) of the originating system. > Since it works fine without the device. My assumption would be that > something is going wrong with the repackaging of packets either as they go > out, or as they return. Who knows at this point, seems like it could be > anything. Without a traffic dump it is very hard to determine what is going wrong. You may wish to install a sniffer such as Ethereal to help you figure out where the traffic is coming from and going to. Can you authenticate to the firewall? Or is even this failing? -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
