[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] VPN on NG; question on VPN tunnel re-direct
We have a similar setup with 4 sites linked by Checkpoint <--> Checkpoint
VPN tunnels.
Each firewall has its own encryption domain, so that the other FWs know
what is on the other end of the tunnel; this encryption domain is also
ticked as exportable for SecuRemote, which is how they topology gets into
userc.C
Therefore, SecuRemote users will create a separate VPN connection to each
FW whose encryption domain they want to access.
If you tick the 'Remember password, as per site settings' checkbox in the
VPN-1 authentication dialog it *should* stop the authentication dialog
appearing for each new encryption domain you want to access... however we
have not found this to work! The dialog appears for both the first and
second encryption domain accessed, thereafter it obeys the 'Remember...'
setting.
Good luck!
Julian
|---------+---------------------------------------------->
| | "Ekblad, Eric M" <[email protected]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[email protected]|
| | kpoint.com> |
| | |
| | |
| | 12/11/2002 16:27 |
| | Please respond to Mailing list for |
| | discussion of Firewall-1 |
| | |
|---------+---------------------------------------------->
>----------------------------------------------------------------------------------------------|
| |
| To: [email protected] |
| cc: |
| Subject: [FW-1] VPN on NG; question on VPN tunnel re-direct |
>----------------------------------------------------------------------------------------------|
Dear all:
Can someone please let me know if they have this working OK or have
successfully labbed it (I just need to know if this actually works)?
Checkpoint NG, any platform.
Secure Remote
Secure Remote User < INTERNET > FW "A" <SITE to SITE VPN TUNNEL> FW "B"
IF FW "A" uses the same legal IP (interface) on the Internet for BOTH the
SR
access AND the Site to Site tunnel to "B", can the SR user:
-build a SR tunnel to "A"
-then, access subnets behind "B" via the Site to Site tunnel
Thanks! e
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet.
**********************************************************************
Zenith Insurance Management Limited Registered No. 3805632
Registered @ Zenith House, Market Place, Haywards Heath,
West Sus, RH16 1DB.
NOTICE:
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the [email protected] and delete the message
and any attachments accompanying it immediately.
**********************************************************************
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet.
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================