Article sk25494 for SecureClient & Office Mode talks about this type of behavior due to a hard-coded WINS. In your case, it's probably a similar situation in that the hard-coded WINS is taking precedence over what you have defined in dnsinfo.c for WINS.
Ray
From: "O'Flynn, Derek" <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [FW-1] SecuRemote using WINS, fails to split tunnel Date: Thu, 3 Jun 2004 00:52:19 -0500
Scenario:
I have WINS defined on my local NIC
I am connected to the gateway
I can ping internal_server with the WINS address, nothing happens.
I can ping internal_server.domain.com DNS address, DNS is resolved internally, and ICMP proceeds.
SRFW monitor shows for the WINS address. (passed through normal ISP, not through tunnel)
o -> myip -> wins server -> UDP 137
O -> myip -> wins server -> UDP 137
SRFW monitor shows for any other type of connection. (redirected through tunnel to gateway)
o -> myip -> server -> otherport
O -> myip -> fwgateway -> UDP 2746
After about 3 minutes of it not working, it suddenly starts sending WINS request down the tunnel and all is well. During the time it's not working and you perform wins queries, the icon does not move and SRFW shows that it's not redirecting it to the tunnel.
It's seems to be sporadic, but I can get it recreated on multiple machines. It doesn't appear to be a gateway issue. I have tested with R55, and R56. The gateway sees the external request come in but not via the tunnel, but via the Internet. It has the error message 'packet passed in clear text for encrypted connection' and promptly drops it.
Why for WINS is the request not being redirected through the tunnel? Anyone seen this?
Thanks,
Derek
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ MSN 9 Dial-up Internet Access fights spam and pop-ups � now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
