Hello all,
Currently wrestling to understand what is going on. I am running NT
SP6a, with FW-1/VPN-1 4.1 SP2, and SecuRemote 4165.
Everything is working correctly except browsing through network
neighborhood, which I have info on how to set up so I am not worried. But
what I notice is with this setup the following happens:
Policy Server on firewall, using IKE, 3DES, FW password for now.
Gateway rules Inbound
Rule 1: SecuRemote@Any firewall-encdomain Any Client Encrypt Long Gateways
To get ping to work I have to add the following rule (I don't want ping
originating from the encdomain, just responding for test):
Rule 30: encdomain Any echo-reply Accept Long Gateways
When I ping from my SecuRemote client I get replies as expected, and see the
following in the log:
decrypt "" Source Destination icmp 1 blah,blah,blah
Accept "" Source Destination icmp 30 blah,blah,blah
encrypt "" Destination Source icmp 2 blah,blah,blah
Well, rule 2 is for my WebTrends LEA connection to the Firewall. Is the
encrypt rule automatically rule 2? No matter, it does work so I assume it
is.
When I map a drive, or dir the mapped drive from the SecuRemote client, I
see the following:
decrypt nbsession Source Destination tcp 1 blah,blah,blah
But that's all I see. How is the response getting through? Is the response
encrypted? Why do I need the echo-reply rule, but no rule for NBT services?
thanks in advance!
PDB