There is an option in AI within Global Properties / Remote Access / VPN-Advanced that says Secure Remote/ Secure Client behavior while disconnected. You want Sent in clear checked. This turns an entry in your userc.c file called allow_clear_traffic_while_disconnected to true. If you update your topology after changing this setting and pushing rules to the firewalls you should be all set.
_____ Jeremy Lieb CCNA CCSA-NG CCSE-NG Firewall Administrator Open Text Corporation _____ The leading provider of collaboration and knowledge management software for the global enterprise. www.opentext.com -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Robert Rutherford Sent: Thursday, November 13, 2003 9:21 AM To: [EMAIL PROTECTED] Subject: Re: [FW-1] SecureClient issues when bound to a LAN NIC Sorry I can't find my users.c ? Please note that I'm on AI. BR, Rob |---------+--------------------------------------------> | | Jonathan Jackman | | | <[EMAIL PROTECTED]| | | K> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | KPOINT.COM> | | | | | | | | | 13/11/2003 14:59 | | | Please respond to Mailing list | | | for discussion of Firewall-1 | | | | |---------+--------------------------------------------> >--------------------------------------------------------------------------- -------------------| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: Re: [FW-1] SecureClient issues when bound to a LAN NIC | >--------------------------------------------------------------------------- -------------------| I presume you do not want to use secure remote when you are connected to your encryption domain? You need to configure your users.c file to allow clear text in the encryption domain. Find the line in your users.c that looks like: :allow_clear_in_enc_domain (true) Make sure it says true in brackets. You will need to reboot once this change has been made. -----Original Message----- From: Robert Rutherford [mailto:[EMAIL PROTECTED] Sent: 13 November 2003 12:41 To: [EMAIL PROTECTED] Subject: [FW-1] SecureClient issues when bound to a LAN NIC Hi Gurus, Wizards, Oracles, and the like. I have an issue when using secureclient which has been bound to all adapters :- When I'm sat inside my primary site I cannot connect to any of my other offices on the WAN as SecureClient is running. If I unbind the securemote from my NIC all is ok. What I would like to know is what I should be doing (rules) to allow me to work on the LAN and WAN normally when SecureClient is running and I'm sat inside an encryption domain? Hope that makes sense. Best Regards, Rob Robert Rutherford +44 (0)1305 208232 +44 (0)7970 122362 ********************************************************************** This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. ********************************************************************** This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.dek.com ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________ ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ********************************************************************** This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. ********************************************************************** This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.dek.com ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
