Greetings,
Maybe somebody could shed some light onto this subject:
We are running frame relay between different offices for intra-office
communication, each office has it's own class C (RFC 1918) subnet. Each
office also has a FW-1 4.1SP2, protecting the Internet T1, with Export for
SecuRemote enabled. My userc.C contains info about all the gateways, along
with their Encryption Domains. This works great as long as I am on the
outside, trying to VPN in. BUT, when I am sitting in one of the offices and
try to connect to a device in the other office, I want it to go through the
frame, hence no encryption/authentication, but SecuRemote sees the packet
and determines that it's going to a subnet protected by a one of the remote
FW's and tries to encrypt it. Which in turn screwes up a routing, along
with some other stuff.. I know I can disable the site, but that's just an
extra step I don't want to do...
Anybody seen this before, or know of a way around it?
While on the topic, has anyone played with customizing the UDP port
SecuRemote connects on?
Thanks
-Gary-
Gary Portnoy
Network Administrator
[EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
