Is the user part of the user group you are using? Do you have any restrictions on source or destination for that user? If you use the "all user" group does it still fail? Do you see this with all users?
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Martín Alcalá Rubí Sent: Wednesday, August 16, 2006 11:57 AM To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM Subject: Re: [FW-1] Securemote/SecureClient connections are not accepted by the client encrypt rule, instead they are dropped by the cleanup rule. Ok, excuse me. I have an distributed installation, R55 HFA 13, and Securemote connections are not accepted by the client encrypt rule, instead they are dropped by the cleanup rule. I mean, I connect successfully to thw GW but, when packets arrive, they don't match de Remote Access rule, so they are dropped by teh clean un rule. (and in the tracker, I can't see the packet as related to the user, the only packets related to the user are the connection ones) I can solve this creating a rule with Accept and a fixed IP addess, and then the packets are unencrypted normally, but this workaround doesn't work with clients with Dinamical IP Address. Did I explain myself better now?? Thank you so very much. Saludos cordiales, Ing. Martín Alcalá Rubí Dpto. de Ingeniería Security Advisor www.sadvisor.com Mark Elsen escribió: >> Hi guru's >> >> I have the following problem: >> >> * Securemote/SecureClient connections are not accepted by the client >> encrypt rule, instead they are dropped by the cleanup rule. > > - Please elaborate on this sentence. > > M. > >> >> *Does anyone have an idea what this could be?? >> >> Best regards, and thank you so very much! >> > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================