Hi, Do you mean we have to restrict our VPN domain or in the Rusian FW's VPN domain? Infact in our FW VPN domain "All IP address behind gateway based on topology information" checked. It is usefull for accessing IT personel for everywhere. Do you mean in Turkey we must restrict this? Thanks
>>> [EMAIL PROTECTED] 22.06.2005 09:58 >>> Hi, You did add your web server in your VPN domain i think. That's why it comes from your tunnel for such connections. So Russia takes topology as they must come to your web server by VPN tunnel. So if you remove the webserver object from your VPN domain, the problem will be solved. For VPN domain you must look firewall object's Topology tab under VPN domain. On 6/22/05, SIBEL MEREY <[EMAIL PROTECTED]> wrote: > Hi everybody, > > We have head office in Turkey and brunch office in Russia and made VPN tunnel > for communication each aother. But we want internet access by their own site. > Now VPN communication for LAN is OK. But when a user inside Russia LAN want > to access our web server which is locate our DMZ with legal IP, he can not > access fron internet site. I think if we allow access from VPN tunnel LAN and > pass FW for access web server it maybe work. But we want to communicate VPN > tunnel for only LAN communication, we dont want to use access the server > which legal IP with VPN tunnel. Is there any way to do it? > > Best regards, > > Sibel > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
