NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] SecuRemote with IKE

  • To: [email protected]
  • Subject: [FW-1] SecuRemote with IKE
  • From: Nahshon Vitalis Makajil <[email protected]>
  • Date: Fri, 10 May 2002 14:22:20 +0800
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcH3695Y0uKMxmQdEdaiogBgCDdLAQ==
  • Thread-topic: SecuRemote with IKE
Hello again,

Thought everthing was solved..but it seems after one thing is solve
anothe problem pops-up.
I dont get the "User not define properly" anymore. But it seems i dont
get any response either.
When i ping using my SRClient to the internal ip, i get a request
timeout. Accesing the internal web gives nothing either. Even pinging to
the FW external ip gives me the same result.

I've allowed rules for pinging the internal ip and allowed a rule for
SRClient to go into the internal lan.This is how my rule base looks like

1. ANY            FW                RDP
                                          IKE           Accept
                                      UDP_2746
                                    UDP_500
2.SRGroup@Any   Encyrpt_Domain    Any           ClientEncrpyt
                  FW
3.Encrypt_Domain  Any                   Any             Accept
4.Any                   Encyrpt_Domain  icmp            Accept

At my FW object i chose both UDP and FWZ as my encryption scheme. I've
checked the Exportable for Secure Remote box. I've generated both the
Local and the DH keys for my FWZ scheme. And for IKE i choose all three
types of key exchange, DES,3DES and CAST.

For the User object however, i've only set IKE as my encryption method
and i selected DES as my encryption algorithm. At my SRClient i've also
choose IKE as my encryption scheme and i only check "IKE over TCP" for
IKE Settings.

I wonder if theres anything else that i miss.

Authentication to Firewall was great but after that nothing happens.
>From the Firewall logs i can see that key exchange does happen and when
i tried accesing my internal webpages, i can see that traffic from the
SRClient to the internal ip is getting decrypted for http services, but
im not getting my webpage.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.