|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SDL & windows 2000
Are you using NAT Pools? If you are there is a known bug that is going to be fixed with NG FR2. The bug is Netbios breaks when going threw a NAT pool. James ----- Original Message ----- From: <[email protected]> To: <[email protected]> Sent: Friday, January 25, 2002 7:23 AM Subject: Re: [FW-1] SDL & windows 2000 > Still, my SR setup including SDL does not work. Do people have it running on a ADSL line or with PPP connections? > > James Oryszczyn <[email protected]> wrote: > > >Do you have a LMhosts file with the Domain Controllers in it? I have found > >that you still need to set a LMhosts file for SDL to work in W2k. > > > >James > >----- Original Message ----- > >From: <[email protected]> > >To: <[email protected]> > >Sent: Monday, December 17, 2001 12:18 PM > >Subject: Re: [FW-1] SDL & windows 2000 > > > > > >> James Oryszczyn <[email protected]> wrote: > >> > >> >W2K will have DNS and netbios traffic on a boot up. The Windows 2000 > >> >machine is trying to contact the domain controllers to get machine > >policys > >> >and such. Capture when hit Ctrl-al-deltete and the tunnel comes up. Then > >> >look for DNS traffic. > >> > > >> > >> Hi, > >> I've traced all packets leaving my SR/SC box. After startup of the > >networking services the client tries to contact its DNS servers directly > >without any use of SR/SC, although split DNS/ encrpted DNS is setup > >correctly (it runs for a different NT box). When I now pass some random > >credentials the logon fails however after that SR/SC logon window pops up. > >When those credentials belong to a cached profile the logon process uses > >this instead of waiting for SR to come up with the pop up window. > >> > >> Any further hints/ reading? > >> > >> Egonle > >> > >> >James > >> >----- Original Message ----- > >> >From: <[email protected]> > >> >To: <[email protected]> > >> >Sent: Friday, December 14, 2001 3:36 AM > >> >Subject: Re: [FW-1] SDL & windows 2000 > >> > > >> > > >> >> "Miller, Joe" <[email protected]> wrote: > >> >> > >> >> >Are you running W2k in Native mode or Mixed Mode? If you are running > >> >> >Mixed mode, authentication will work. In native mode, however, there > >are > >> >> >issues with 4.1 (to be fixed in NG). > >> >> > > >> >> >Joe > >> >> > > >> >> > >> >> IMHO, Native Mode and Mixed Mode are terms regarding the communication > >> >between DCs not clients to a DC itself. Depending on the setup a W2K DC > >is > >> >able to fall-back to NTLMv2 authentication if Kerberos isn't supported by > >> >the client. > >> >> > >> >> Anyway, after a reboot of the W2K machine my sniffer captured DNS, NBT > >> >packets which the box is trying to contact directly (Encrypted DNS is > >setup > >> >correctly!). This points out that SecureClient/ SecuRemote is not able to > >> >capture packets sent by the OS before a login process is started. > >> >> > >> >> After a reboot I've passed some random credentials so that a login > >fails > >> >for sure. After that "failed logon" securemote login window pops up and a > >> >VPN tunnel is tried to open by SR. > >> >> > >> >> > >> >> Egonle > >> >> >-----Original Message----- > >> >> >From: Michael S. Hobbs [mailto:[email protected]] > >> >> >Sent: Thursday, December 13, 2001 10:30 AM > >> >> >To: [email protected] > >> >> >Subject: Re: [FW-1] SDL & windows 2000 > >> >> > > >> >> > > >> >> >I am using Win2k with AD, running FW-1 4.1 SP2, and the latest > >> >> >SecureClient for FW-1 4.1. I have SDL and SSO enabled and I am able > >to > >> >> >login just fine. The only problem is intermittent issues with the > >login > >> >> >script. Sometime it runs, sometimes it does not. > >> >> > > >> >> >Michael > >> >> > > >> >> >-----Original Message----- > >> >> >From: Mailing list for discussion of Firewall-1 > >> >> >[mailto:[email protected]] On Behalf Of Jim > >> >> >Laverty > >> >> >Sent: Thursday, December 13, 2001 7:26 AM > >> >> >To: [email protected] > >> >> >Subject: Re: [FW-1] SDL & windows 2000 > >> >> > > >> >> > > >> >> >SDL does not work with Active Directory in Windows 2000, if you are > >> >> >using the 4.1 version of FW-1. I confirmed this with Checkpoint. I > >was > >> >> >told NG would support this only. > >> >> > > >> >> >The srv packets never get passed through. Load up a sniffer and > >capture > >> >> >a local domain login to an ADS box. Then sniff the incoming > >connection > >> >> >from SecuRemote, you will see completely different behavior. You can > >do > >> >> >SDL with NT 4.0, not W2K. > >> >> > > >> >> >-----Original Message----- > >> >> >From: Mailing list for discussion of Firewall-1 > >> >> >[mailto:[email protected]] On Behalf Of > >> >> >[email protected] > >> >> >Sent: Thursday, December 13, 2001 4:49 AM > >> >> >To: [email protected] > >> >> >Subject: Re: [FW-1] SDL & windows 2000 > >> >> > > >> >> > > >> >> >"Michael S. Hobbs" <[email protected]> wrote: > >> >> > > >> >> >>Yes SDL is supported in Windows 2000. > >> >> >> > >> >> > > >> >> >Ok, I've enbled SDL on W2K (without SSO). However SecuRemote/ Client > >> >> >Login window does not pop up during login, so either a cached profile > >is > >> >> >used or the login fails. > >> >> > > >> >> >Regards, > >> >> > > >> >> >Egonle > >> >> > > >> >> >>Michael > >> >> >> > >> >> >>-----Original Message----- > >> >> >>From: Mailing list for discussion of Firewall-1 > >> >> >>[mailto:[email protected]] On Behalf Of > >> >> >>[email protected] > >> >> >>Sent: Wednesday, December 12, 2001 2:21 PM > >> >> >>To: [email protected] > >> >> >>Subject: [FW-1] SDL & windows 2000 > >> >> >> > >> >> >> > >> >> >>Hi, > >> >> >>does anybody know if SDL is supported on windows 2000? > >> >> >> > >> >> >> > >> >> >>Regards, > >> >> >>Egonle > >> >> >>-- > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >>__________________________________________________________________ > >> >> >>Your favorite stores, helpful shopping tools and great gift ideas. > >> >> >>Experience the convenience of buying online with Shop@Netscape! > >> >> >>http://shopnow.netscape.com/ > >> >> >> > >> >> >>Get your own FREE, personal Netscape Mail account today at > >> >> >>http://webmail.netscape.com/ > >> >> >> > >> >> >>================================================= > >> >> >>To unsubscribe from this mailing list, > >> >> >>please see the instructions at > >> >> >>http://www.checkpoint.com/services/mailing.html > >> >> >>================================================= > >> >> >>To set vacation, Out Of Office, or away messages, > >> >> >>send an email to [email protected] > >> >> >>in the BODY of the email add: > >> >> >>set fw-1-mailinglist nomail > >> >> >>================================================= > >> >> >>If you have any questions on how to change your > >> >> >>subscription options, email Ron Alcatraz at: > >[email protected] > >> >> > > >> >> >>================================================= > >> >> >> > >> >> >>================================================= > >> >> >>To unsubscribe from this mailing list, > >> >> >>please see the instructions at > >> >> >>http://www.checkpoint.com/services/mailing.html > >> >> >>================================================= > >> >> >>To set vacation, Out Of Office, or away messages, > >> >> >>send an email to [email protected] > >> >> >>in the BODY of the email add: > >> >> >>set fw-1-mailinglist nomail > >> >> >>================================================= > >> >> >>If you have any questions on how to change your > >> >> >>subscription options, email Ron Alcatraz at: > >[email protected] > >> >> > > >> >> >>================================================= > >> >> >> > >> >> >-- > >> >> > > >> >> > > >> >> > > >> >> > > >> >> >__________________________________________________________________ > >> >> >Your favorite stores, helpful shopping tools and great gift ideas. > >> >> >Experience the convenience of buying online with Shop@Netscape! > >> >> >http://shopnow.netscape.com/ > >> >> > > >> >> >Get your own FREE, personal Netscape Mail account today at > >> >> >http://webmail.netscape.com/ > >> >> > > >> >> >================================================= > >> >> >To unsubscribe from this mailing list, > >> >> >please see the instructions at > >> >> >http://www.checkpoint.com/services/mailing.html > >> >> >================================================= > >> >> >To set vacation, Out Of Office, or away messages, > >> >> >send an email to [email protected] > >> >> >in the BODY of the email add: > >> >> >set fw-1-mailinglist nomail > >> >> >================================================= > >> >> >If you have any questions on how to change your > >> >> >subscription options, email Ron Alcatraz at: > >[email protected] > >> >> >================================================= > >> >> > > >> >> >================================================= > >> >> >To unsubscribe from this mailing list, > >> >> >please see the instructions at > >> >> >http://www.checkpoint.com/services/mailing.html > >> >> >================================================= > >> >> >To set vacation, Out Of Office, or away messages, > >> >> >send an email to [email protected] > >> >> >in the BODY of the email add: > >> >> >set fw-1-mailinglist nomail > >> >> >================================================= > >> >> >If you have any questions on how to change your > >> >> >subscription options, email Ron Alcatraz at: > >[email protected] > >> >> >================================================= > >> >> > > >> >> >================================================= > >> >> >To unsubscribe from this mailing list, > >> >> >please see the instructions at > >> >> >http://www.checkpoint.com/services/mailing.html > >> >> >================================================= > >> >> >To set vacation, Out Of Office, or away messages, > >> >> >send an email to [email protected] > >> >> >in the BODY of the email add: > >> >> >set fw-1-mailinglist nomail > >> >> >================================================= > >> >> >If you have any questions on how to change your > >> >> >subscription options, email Ron Alcatraz at: > >> >> >[email protected] > >> >> >================================================= > >> >> > > >> >> >================================================= > >> >> >To unsubscribe from this mailing list, > >> >> >please see the instructions at > >> >> >http://www.checkpoint.com/services/mailing.html > >> >> >================================================= > >> >> >To set vacation, Out Of Office, or away messages, > >> >> >send an email to [email protected] > >> >> >in the BODY of the email add: > >> >> >set fw-1-mailinglist nomail > >> >> >================================================= > >> >> >If you have any questions on how to change your > >> >> >subscription options, email Ron Alcatraz at: > >> >> >[email protected] > >> >> >================================================= > >> >> > > >> >> -- > >> >> > >> >> > >> >> > >> >> > >> >> __________________________________________________________________ > >> >> Your favorite stores, helpful shopping tools and great gift ideas. > >> >Experience the convenience of buying online with Shop@Netscape! > >> >http://shopnow.netscape.com/ > >> >> > >> >> Get your own FREE, personal Netscape Mail account today at > >> >http://webmail.netscape.com/ > >> >> > >> >> ================================================= > >> >> To unsubscribe from this mailing list, > >> >> please see the instructions at > >> >> http://www.checkpoint.com/services/mailing.html > >> >> ================================================= > >> >> To set vacation, Out Of Office, or away messages, > >> >> send an email to [email protected] > >> >> in the BODY of the email add: > >> >> set fw-1-mailinglist nomail > >> >> ================================================= > >> >> If you have any questions on how to change your > >> >> subscription options, email Ron Alcatraz at: > >> >> [email protected] > >> >> ================================================= > >> > > >> >================================================= > >> >To unsubscribe from this mailing list, > >> >please see the instructions at > >> >http://www.checkpoint.com/services/mailing.html > >> >================================================= > >> >To set vacation, Out Of Office, or away messages, > >> >send an email to [email protected] > >> >in the BODY of the email add: > >> >set fw-1-mailinglist nomail > >> >================================================= > >> >If you have any questions on how to change your > >> >subscription options, email Ron Alcatraz at: > >> >[email protected] > >> >================================================= > >> > > >> -- > >> > >> > >> > >> > >> __________________________________________________________________ > >> Your favorite stores, helpful shopping tools and great gift ideas. > >Experience the convenience of buying online with Shop@Netscape! > >http://shopnow.netscape.com/ > >> > >> Get your own FREE, personal Netscape Mail account today at > >http://webmail.netscape.com/ > >> > >> ================================================= > >> To unsubscribe from this mailing list, > >> please see the instructions at > >> http://www.checkpoint.com/services/mailing.html > >> ================================================= > >> To set vacation, Out Of Office, or away messages, > >> send an email to [email protected] > >> in the BODY of the email add: > >> set fw-1-mailinglist nomail > >> ================================================= > >> If you have any questions on how to change your > >> subscription options, email Ron Alcatraz at: > >> [email protected] > >> ================================================= > > > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >To set vacation, Out Of Office, or away messages, > >send an email to [email protected] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >If you have any questions on how to change your > >subscription options, email Ron Alcatraz at: > >[email protected] > >================================================= > > > -- > > > > > __________________________________________________________________ > Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ > > Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
