Hallo Frank,
no the firewall needn't to act as a relay host.
Using the secuRemote client and the encryption of the data means
that the confidential data are secured when passing unsecure
connections. So the encryption starts at the external laptop and
ends at the firewall. The connection from the firewall to the
internal exchange server is as usual not encrypted. Usually this
constuct works and provides you with the security needed, because
the internal network is supposed to be a trusted network.
The connection to the exchange server itself, the NETBIOS
connection, is tunneled through the encrypted secuRemote
connection.
laptop -> encrypted [Exchange connection] -> FW ->
Exchange connection -> Exchange server
I hope this answers your question :-)
A good source for a installation guideline is the phoneboy site:
http://www.phoneboy.com/fw1/ -> there SecuRemote or Encryption and
VPN
robert
On Fri, 28 Jul 2000, Frank Nardis wrote:
>
>
> Is it possible to use the Secure Remote Client to connect through a
> CPFW1/w VPN to a Microsoft Exchange server behind the firewall? The
> firewall is CPFW Ver 4.0 on NT4 platform. I have not been able to create
> a rule(s) that would allow this.
>
> I have been told that the only way to be able to retrieve mail remotely
> would be to have the FW be a relay host (or set one up ahead of the
> firewall), is this true?
>
>
> Regards,
>
> Frank
>
>
>
----------------------------------------
Robert Binder
IT-Security Consultant
Integralis, Niederlassung M�nchen
Gutenbergstr. 1
D-85737 Ismaning
Tel: +49-89-94573-235
Fax: +49-89-94573-119
http://www.integralis.de/
A member of the Articon-Integralis Group
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
