We are implementing the encryption domain in our network to permit that
some partners access our servers using SecureClient, I have the following
situation:
I've defined a encryption domain that is a group of networks, just like
this:
- Intranet: 128.1.0.0 (our intranet servers)
- Invalids: 192.168.0.0 (our dmz)
- Valids: 200.250.0.0 (our valid IPs)
* I'm using FWZ
Some machines:
- Intra: IP:192.168.0.X NAT: 200.250.X.X
- Disc: IP:192.168.0.X NAT: 200.250.X.X
- Brgabs013: IP:128.1.8.X NAT: 200.250.X.X
Both (Intra,Disc) are virtual IPs of a server that is connect directly to a
FW Server interface, and the other one (Brgabs013) is conected on a
switch that is connected to another FW interface.
A group of users: Extralux
And a rule:
SRC: Extralux@any
DST: Intra; Disc; Brgabs013
SERVICE: HTTP; FTP
ACTION: Client Encrypt
So what's the problem?
When I try to connect (ftp or http) to Intra or Disc usin SecureClient it
works fine, the SecureClient popup appeas I type the user and the password
and
I get connection, but when I try to connect to brgabs013 the popup appears
but I don't receive the password confirmation.
And there another strange situation: When I connect to Intra or Disc and I
get and I
try to access the Bragabs013 it doesn't work.
I'm making those tests using a machine with a dial-up connection.
I hope you can help me.
Thanks a lot.
Rog�rio Brito
Ellux do Brasil.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
