NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SecuRemote and DNS



Thanks for all of your inputs, i have couple more questions ....

If a secuRemote client is connected to my Internal network/Enc Domain using
an ISP and let's assume that i configure them as a WINS client, what's the
order in which name resolution will be done considering the fact that we
have ISP's DNS server ( recd as part of the dialup PPP session established
with the ISP) and WINS server configured on the client (being a WINS client)
...whether DNS erver will be usd or WINS server ???

As an example let's say my laptop should connect to my mail server ( let's
call it as "myexchange" having an ip address of 192.168.1.1) and i have
setup securemote properly and can get to the server using the IP address.If
i are to use the name "myexchange" will the client apps (Outlook) will use
WINS first to resolve the name???


The follow up question is, should i have to configure the WINS client with a
routable IP address and NAT them to it's actual RFC 1918 address on the FW
or use  non-routable IP address directly.

Thanks

Muthu


-----Original Message-----
From: Fowler, Chris [mailto:[email protected]]
Sent: Wednesday, January 23, 2002 11:37 AM
To: [email protected]
Subject: Re: [FW-1] SecuRemote and DNS


If I understand your question, you want to be able to resolve host names on
SecuRemote clients without a hosts file and you are running split (internal
and external) DNS.. the method I am using is to configure the client with a
WINS server and add static entries in the WINS server for all non-M$ (*nix)
machines. this allows for centralized management of the database; unlike a
hosts file which would be difficult to update.

Chris Fowler
-----Original Message-----
From: Muthuraja Ayyanar [mailto:[email protected]]
Sent: Wednesday, January 23, 2002 9:37 AM
To: [email protected]
Subject: [FW-1] SecuRemote and DNS


Hi All ,

I would like to know how to make a SecuRemote client to use internal DNS
server for resolving domain names of the resources inside the encryption
domain and use the ISP's DNS for resolving Intername Domain names.Since the
topology information SecuRemote downloads is basd on IP numbers,
(application will be able to make use of the SecuRemote VPN only if the
application knows the IP number of the resource) let's say an applications
needing to resolve say a server whose domain name is www.mycompany.com which
is in the inside network or part of encryption domain  how will the traffic
will be encrypted if the name can't be resolved to the IP address.

Also we can take MS Outlook as an example , let's say i have a MS Exchange
server inside of my network and my encryption domain encompasses the MS
exchange server and when i connect to my CP VPN-1 server usng SecuRemote
using an ISP i get the topology of the enc domain, but how will my outlook
client will be able to get to my mailstore if the server name can't be
resolved.

I don't know if hosts file is the only option.

Appreciate your thoughts on this issue,

Muthu

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.