I have found that SR 4157 does not work well with pre 4.1 firewalls. Rather use 4153 with ike. You will find that with the exact same config 4157 will fail and 4153 will work.(config on the firewall)
Chow
Andrew
Internet Security Engineer (CCA,CCSA,CCSE,CCNA)
Gigabytes Inc.
Tel: (510) 440-8032
Fax: (877) 295-3969 (toll free)
Cel: (510) 220-1343
-----Original Message-----
From: zinc zdj [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 08, 2000 5:46 PM
To: [EMAIL PROTECTED]
Subject: [FW1] FW: fw topo 264 and secure remote 4157
Hi Checkpoint Gurus!
I have checkpoint firewall 4.0 w/ service pack 4 on NT 4.0 w/ service pack 4
as well. The user using Secure Remote 4157 on windows 98.
On my firewall, add the following rules near the top:
Source Destination Service Action
any firewall RDP
ISAKMP Accept
FW1_topo264
AllUsers@any firewall-encdomain Any Client Encrypt
and I disabled "Enable FireWall-1 Control Connections" in the Rulebase
Properties.
The problem that I have is that if I enable FW1 Control connection, the user
don't have a problem connect and I saw the log that fw1_topo265 is being
drop by firewall but the user is able to acces corporate network. Thus, if I
disable FW1 control connection, the user is unable to connect.
Plese help. Any help is appreciated.
Thank you very much.
zinc
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
