If you're running NAT (which, I believe, is the primary feature of MS
Proxy), you can't use Secure Remote VPN. The reason is that one of
the things a VPN solution like this attempts to protect against is the
'man-in-the-middle' attack where the attacking host manipulates
routing to proxy and thus eavesdrop on the communications. I believe
that the VPN handshake includes the IP of the client host. However,
in the IP header will appear the IP of your proxy host and this will
apear to the server as an illegal packet.
-Rich
On Mon, 24 Apr 2000, Andreas Stylianou wrote:
> Dear all, We are using the Checkpoint Firewall-1 V.4.0.and we would
> like to enable the Secure Remote feature within Internet
> workstations and an FTP server, which is "sitting" behind the
> firewall. However, we have not managed to use this feature if the
> workstation is comunicating to the Internet via a gateway server
> e.g. MS Proxy. Any ideas how to circumvent this problem. Thank you.
> Regards
> Andreas Stylianou
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
