[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Office Mode & Tunnel Test
On Tue, 1 Jul 2003 07:33:56 +0400, "Balaji Ilakkumanan (ISTD)" <[email protected]> said: > Try giving the Address pool for Office mode strange and not at all > related > to your setup , since the firewall thinks it is from the same subnet. The address pool I'm using is a completely different subnet to any other defined in my test lab, illustrated below for reference: In my testing I've created a FP3 firewall running SecurePlatform and connected it to two subnets. The 'internal' in 192.168.100.0/24 (firewall has .80) and the 'external' is 192.168.50.0/24 (firewall has .80). The topology is defined correctly and I've created a Client Encrypt rule. I'm running a Secure Client on 192.168.50.106 and have defined a site for 192.168.50.80. Without Office Mode this works fine and I'm able to connect to a resource in the encryption domain (i.e. the internal network). I then created a network object for 192.168.200.0/24 and assigned it as a manual range for Office Mode on the firewall object. Having changed the Secure Client to 'Connect Mode' I then attempted to establish a connection to the same site and then received the error 'tunnel_test failed'. If I added a static route on the firewall pointing the 192.168.200.0/24 network at my Secure Client real IP address (192.168.50.106) the tunnel test worked fine. Cheers, Chris ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|