Re: [FW1] SecuRemote connects to which fw interface (again)?

CryptoTech Mon, 19 Feb 2001 07:01:54 -0800

Please read the release notes for SP2.  You cannot download topology from the other
ip addresses, but once the topology exists on the client, he can establish a vpn to
any of the firewall's interfaces that he can see.

Cheers,
CryptoTech

"Hartmann, Josef" wrote:

> Thinking about this effect, means that it is only possible to establish a
> VPN connection only to one firewall interface?!?
>
> How do I get access to Checkpoint's Support center?
>
> > -----Original Message-----
> > From: Larry Pingree [SMTP:[EMAIL PROTECTED]]
> > Sent: Thursday, February 15, 2001 8:51 PM
> > To:   Hartmann, Josef; [EMAIL PROTECTED];
> > [EMAIL PROTECTED]
> > Subject:      Re: [FW1] SecuRemote connects to which fw interface (again)?
> >
> > I believe the answer would be yes. The IP address in the general tab is
> > used
> > to build the topology download, and this is the IP address to which
> > securemote will connect to.
> >
> > I do agree that Check Point "should" use the closest interface to the
> > securemote client, but this is not the case thus far.
> >
> > Maybe you could submit a bug to Check Point's Support center?
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
> > Larry Pingree
> > Sr. Security Consultant
> > Email: [EMAIL PROTECTED]
> >
> > SiegeWorks
> > Company WebSite: http://www.siegeworks.com/
> > Security Installation, Training and Consulting
> > -=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
> > ----- Original Message -----
> > From: Hartmann, Josef <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> > Sent: Thursday, February 15, 2001 1:23 AM
> > Subject: [FW1] SecuRemote connects to which fw interface (again)?
> >
> >
> > >
> > >
> > > Hi,
> > >
> > >
> > > I am running a fw with quite a few interfaces. Now I would like to setup
> > a
> > > VPN. After some troubles userc.C is now loaded, however SecuRemote does
> > > connect to the primary interface of the firewall not to the interface
> > which
> > > the client has access to.
> > >
> > > Unfortunately userc.C is encrypted. Setting the appropriate parameter in
> > > userc.C to false or removing it did not help me.
> > >
> > > A small figure to illustrate this:
> > >
> > >                                  Network C
> > >
> > >                                          |
> > >                                          |
> > >                              _______________
> > >                              |                        |
> > > network A   -----------|         FW           |----------------- Network
> > B
> > > ---------          VPN Client
> > > this IP address is   |                         |
> > > set the one of the   |                         |
> > > FW object.             --------------------------
> > >                                          |
> > >                                          |
> > >                                  Network D
> > >
> > > As you can see the Gateway address of the SecuRemote Client should be
> > > interface B however, after the Topo downloaded forces the VPN Client to
> > use
> > > interface A as gateway but that's silly, isn't? Do I have to use
> > Interface
> > B
> > > as the "primary" (the IP Address given in the general tap of the
> > workstation
> > > properties of the firewall object) interface of the firewall object?
> > >
> > >
> > >
> > >
> > > Any hints?
> > >
> > >
> > > Cheers,
> > >
> > > Josef
> > >
> > >
> > >
> > ==========================================================================
> > ==
> > ====
> > >      To unsubscribe from this mailing list, please see the instructions
> > at
> > >                http://www.checkpoint.com/services/mailing.html
> > >
> > ==========================================================================
> > ==
> > ====
> > >
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
> ________________________________________________________________________
> This message has been checked for all known viruses, by Star Internet,
> delivered through the MessageLabs Virus Control Centre.
> For further information visit:
> http://www.star.net.uk/stats.asp
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
Re: [FW1] SecuRemote connects to which fw interface (again)?

Reply via email to
