| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] 2 External Interfaces VPN
- To: [email protected]
- Subject: Re: [FW-1] 2 External Interfaces VPN
- From: "Grabowski, David" <[email protected]>
- Date: Tue, 16 Sep 2003 13:29:54 -0400
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcN8c4syoPimSLYsTCOPgcprQmcWAQABEGGg
- Thread-topic: [FW-1] 2 External Interfaces VPN
I would think that having two "external" interfaces defined on your
firewall would cause numerous problems.
What I would do --
- Define your internet-facing interface as "external"
- Define the networks that are on the WAN as being behind the WAN
interface
- If SecureRemote wants to traverse the Internet for their connections,
perhaps you can add some static routing on their side so that their
traffic destined for your gateway traverses the WAN instead...
> -----Original Message-----
> From: Leonardo Boulton [mailto:[email protected]]
> Sent: Tuesday, September 16, 2003 12:25 PM
> To: [email protected]
> Subject: Re: [FW-1] 2 External Interfaces VPN
>
>
> The WAN Users couldn't go to the internet through the
> firewall anyway...
> they have an independent Internet connection. That is the
> problem. Once
> they define the Site on the SecuRemote, the VPN tunnel is stablished
> through the Internet, not the WAN link.
>
> Both interfaces are defined as External.
>
> L.
>
> On Tue, 2003-09-16 at 11:07, Wayne Ho wrote:
> > What you can is to define a scope of IPs assign to
> > users coming from WAN link, and set a rule to restrict
> > these users going to Internet.
> >
> > Wayne
> > --- Leonardo Boulton <[email protected]>
> > wrote:
> > > Hi All,
> > >
> > > I am looking for a solution. I want to configure two
> > > VPN tunnels on two
> > > different external interfaces of the same firewall.
> > >
> > > The firewall has two external interfaces: one
> > > connected to the Internet,
> > > and the other one connected to a dedicated WAN.
> > > Users in the WAN have
> > > access to the Internet through their own sites.
> > >
> > > I want the users on the WAN to use securemote
> > > through the WAN link, not
> > > through the Internet. What can I do?. With what IP
> > > should I define the
> > > Firewall Object?.
> > >
> > > Thanks in advance lads,
> > >
> > > LB
> > >
> > > =================================================
> > > To set vacation, Out-Of-Office, or away messages,
> > > send an email to [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > > =================================================
> >
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! SiteBuilder - Free, easy-to-use web site design software
> > http://sitebuilder.yahoo.com
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
#####################################################################################
CONFIDENTIAL: This e-mail, including its contents and attachments, if any, are confidential. It is neither an offer to buy or sell, nor a solicitation of an offer to buy or sell, any securities or any related financial instruments mentioned in it. If you are not the named recipient please notify the sender and immediately delete it. You may not disseminate, distribute, or forward this e-mail message or disclose its contents to anybody else. Unless otherwise indicated, copyright and any other intellectual property rights in its contents are the sole property of Mizuho Securities USA Inc.
E-mail transmission cannot be guaranteed to be secure or error-free. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.
Although we routinely screen for viruses, addressees should check this e-mail and any attachments for viruses. We make no representation or warranty as to the absence of viruses in this e-mail or any attachments. Please note that to ensure regulatory compliance and for the protection of our customers and business, we may monitor and read e-mails sent to and from our server(s).
#####################################################################################
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
