[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Problem with SecuRemote
I have recently installed a Nokia IP330 firewall with VPN-1. I also have the licenses I need for Securemote installed. I have stopped and started the firewall and all seems to be OK except when I try to use the VPN. Here is my configuration: I am running Checkpoint 4.1 Under Policies/Properties/IP Pool NAT/ I have selected Enable My Firewall object is using the outside IP address (12.xx.xx.xx) My Firewall object has "use IP pool NAT for SecuRemote Connections" selected under the VPN tab The allocated address come from a network object I set up with valid IP address to use for VPN On the VPN tab I have my domain set as the entire network behind the firewall (66.xx.xx.xx) I am using the IKE encryption scheme with 3DES and shared secrets being selected On the Authentication tab of my firewall object I have VPN-1 & FW-1 Password selected only I have one user set up (me) and added to a test group For my user account I have the authentication set to VPN-1 & FW-1 Password I have encryption set as IKE - 3DES with the same password as my user account I have 2 new rules set up: 1. Source = Any Destination = MyFireWallObj Service = RDP & IKE Action = Accept 2. Source = Me@Any Destination = 66. Network Service = Any Action = Client Encrypt Now for what the problem is. When I try to connect to one of my servers I get the Authentication screen from Securemote. I enter the user name and password and after a few seconds it comes back and says that I have been successfully authenticated by VPN-1. However, anytime I try to access the sever (ping, http, etc...), I get timeouts and nothing comes back. It looks like (from the log files) everything is getting to the IP330 but nothing is making it back to the client. Any ideas??? Thanks, Scott ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|