| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] SecureClient IP not assigned
- To: [email protected]
- Subject: Re: [FW-1] SecureClient IP not assigned
- From: Frank Darden <[email protected]>
- Date: Tue, 29 Jul 2003 18:18:17 -0400
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcNV1Kl+C5Yy2CHVQam2ajcILVvp1gASm3Ow
- Thread-topic: [FW-1] SecureClient IP not assigned
Silly question but do you have a license for securclient on the
firewall, and securclient (not securemote) installed on the client pc?
Don't forget that Office Mode requires Securclient. I have seen OM
allocation fail behind certain providers PPPOE circuits. Also, is the
subnet that you are trying to allocate part of your internal LAN?
Frank
-----Original Message-----
From: De La Cruz, Neil [mailto:[email protected]]
Sent: Tuesday, July 29, 2003 9:13 AM
To: [email protected]
Subject: Re: [FW-1] SecureClient IP not assigned
Check Point document sk13806 refers to an "Office Mode Download" for NG
FP1.
The release notes are here:
http://www.checkpoint.com/support/downloads/docs/firewall1/ng/office_mod
e.pd
f
Do you have an "Office Mode" tab on your FW object properties? I think
the
"Remote Access" tab on FP2 is called "Office Mode" tab on FP1. This is
where you would define 1) the network object used for your OM pool, and
2)
the users group object allowed to participate in Office Mode.
nd
-----Original Message-----
From: shivi [mailto:[email protected]]
Sent: Tuesday, July 29, 2003 2:09 AM
To: [email protected]
Subject: Re: [FW-1] SecureClient IP not assigned
Good day Neil,
Thanks for your comments.
But i've taken care of the basics very well and the following are what i
did
1) Disabled DHCP client on the secure client pc. (win2k workstation)
2) Allowed full incoming and outgoing on Desktop security rules.
3) Enabled Office mode in Global properties
4) Enable IP NAT Pool too.
Are there other SecureClient users that are able to connect and get an
IP
> from the Office Mode pool
I am only trying with one pc at the moment.
My problem is, I dont see any Remote Access Tab on my Firewall Object
nor on
Global Properties.
Do i need this patch mentioned on the following artile.
http://www.pogostick.net/~peram/chkpnt/office_mode.pdf
Thanks alot for your time
Shiv
----- Original Message -----
From: "De La Cruz, Neil" <[email protected]>
To: <[email protected]>
Sent: Monday, July 28, 2003 11:10 PM
Subject: Re: [FW-1] SecureClient IP not assigned
> Shiv,
>
> I never ran Office Mode on FP1 (only FP2 or better); but I hope this
helps,
> nonetheless.
>
> I've seen this occur many times before. The most common cause from my
> experience was a personal firewall was blocking the incoming DHCP
response.
> If you are running Windows XP, make sure that the Internet Connection
> Firewall service is stopped.
>
> Are there other SecureClient users that are able to connect and get an
> IP from the Office Mode pool?
>
> Did you create a SC desktop rule to allow incoming DHCP responses?
> Or, if you use the SC Packaging Tool, make sure that you "check" the
> checkbox in the wizard called "Allow incoming DHCP responses without
> an explicit
inbound
> rule."
>
> Review your basics: Check your FW object's Remote Access property page
> and ensure that the correct user group object is allowed to
> participate in Office Mode or choose to offer Office Mode to all
> users. Check also your Global Property's Remote Access\VPN page to
> ensure that the Enable Office Mode checkbox is checked. On the same
> page, also check that the correct Office Mode Pool network object is
> selected.
>
>
> Neil De La Cruz, CISSP
>
>
>
> -----Original Message-----
> From: shivi [mailto:[email protected]]
> Sent: Monday, July 28, 2003 7:44 AM
> To: [email protected]
> Subject: [FW-1] SecureClient IP not assigned
>
>
> Hello there,
> I've installed a new installation of CheckPoint NG FP1 (ya its
> quite
> old) and trying to get VPN working. When i access from my client PC
> (SecureClient) i get connected fine except that i dont get an IP
assigned.
>
> I tried adding IP POOLS and Office Mode, but had no joy.
>
> I went through an article which says i need a Office Mode patch or
something
> installed but do i really need
> this in my situation as i dont mind getting a dynamic IP address
> assigned.
>
> Any help would be highly appreciated.
>
> Regards
> Shiv
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
