Aaron J Weber wrote:
> I didn't mean to flame or be a troll. I was simply surprised.
OK :)
>
> Can you clarify how you have your workaround? Do you mean I would have
> to statically assign the IP Addresses to my LAN clients and then enable
> those protocols on the firewall? Or are you referring to the target IPs?
I'm referring to the source ip. I have static dhcp addresses, so I
didn't care too much about that. But if you don't mind, you can enable
these protocols for the whole GREEN zone. Or, AFAIK you can enable this
based on the MAC address of the PC, maybe this would be the best solution.
From the doc: "MAC address
This is optional. You may fill in the MAC address of a network card
which is allowed or disallowed to pass through. If you do not want to
specify both, IP address and MAC address, but only the MAC address, then
simply select a zone within the source net and leave the source IP
address field blank
"
>
> If I have more than one PC in the GREEN zone that needs to independently
> connect to different IPSec targets, will this work???
Yes, this just makes possible to connect to the outside world.
>
> Thanks again, as I said, I meant no offense in my previous post.
>
> -AJ
--
Üdvözlettel,
Gábriel Ákos
-=E-Mail :[EMAIL PROTECTED]|Web: http://www.i-logic.hu=-
-=Tel/fax:+3612367353/200 |Mobil:+36209278894 =-
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
