Internally I use a mask of 255.255.255.0 for each of the defined subnets. The remote users are also using this subnet mask. As far as I know the linksis router cannot use any other subnet mask.
-----Original Message----- From: Lawson, Shawn M. [mailto:[EMAIL PROTECTED]] Sent: November 27, 2001 2:41 PM To: '[EMAIL PROTECTED]' Subject: FW: [FW-1] SecureClient and NAT at Client end What subnet mask are you using for your network and what subnet mask are your remote users using? -----Original Message----- From: Shawn Kearley [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 8:52 AM To: [EMAIL PROTECTED] Subject: [FW-1] SecureClient and NAT at Client end I may be mis-understanding this, maybe someone out there can help me. I was under the understanding that NAT and SecureClient would not successfully work without making some changes to the Objects.C and Userc.C files to enable UDP Encapsulation, however that does not appear to be the case. Here is my set-up: Firewall running 4.1 SP4 Clients running SecureClient 4.1 SP4 build 4188 On my Firewall, my encryption domain is defined by a group of network objects which include the specific 192.168.x.0 networks used within the company. In the Userc.C file I see these specific networks defined. Here are the situations: 1 user has set-up Microsoft Internet Sharing on his home network. When he has the default network, 192.168.0.x in use, the VPN connections to the company failed. However when he changed the internal network to 10.0.0.x the VPN connection was successful. A second user has a Linskis Router inside is ADSL modem for his internal network, using Hide NAT. Again if he used the default 192.168.1.x network for his internal network the VPN failed, however when he changed it to 10.0.0.x the VPN connection succeeded. I have not made the changed referenced in the documents I have to enable UDP Encapsulation, so I did not think that these connections would succeed. As well, I do not fully understand why the original connections when the remote networks were using the 192.168 networks. Neither the 192.168.0.x or 192.168.1.x networks are in use within our company's network, and neither are defined within the Encryption domain. At present we only have a few of our Technical staff using the VPN to test it for problem/issues before be begin deploying to end users, so I would like to understand what is happening here to ensure that I have the system properly configured before the wider deploy. Thanks in advance for any information you can supply to help me out here. Shawn Kearley ====================================== Shawn Kearley Infrastructure Analyst Newfoundland Power Co. Ltd. Phone: (709) 737-5724 Fax: (709) 737-5832 Email: [EMAIL PROTECTED] =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
