In R55, you can configure Office Mode so it is only offered to a specific group of users. If you only have one remote user group, you now will need three:
OfficeModeRemoteUsers NonOfficeModeRemoteUsers
and then the user group PolicyServerLogon users which will contain the above two groups. This will allow you to use a Desktop Securty Policy on both groups but only offer Office Mode to one group.
I don't know if FP3 has this capability. The buttons for setting it up are on the Gateway object, Remote Access, Office Mode dialog box.
Ray
From: "Brett, Gary" <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [FW-1] SecureClient - Supporting 2 NT Domains on One firewall Date: Fri, 7 May 2004 14:18:56 +0100
Thanks Ray
But I dont have R55, I have NG FP3-hf2. I take it that i am restricted to only one NT domain for all connections to the firewall, and hence can only configure one implementation of Secure client (with office mode) per firewall regardless of how many networks are connected to it ?
Is it possible to use secureRemote (without office mode) whilst still having SecureClient (with office mode) running for the other network ??? basically, the only thing i want the new remote users to access is a "outlook web access" (web based exchange mail) and thats it, i take it i can do this with just secureRemote, but will the two work together??
thanks
-----Original Message----- From: Ray Pesek [mailto:[EMAIL PROTECTED] Sent: 07 May 2004 02:46 To: [EMAIL PROTECTED] Subject: Re: [FW-1] SecureClient - Supporting 2 NT Domains on One firewall
The What's New file for R55 http://www.checkpoint.com/support/downloads/docs/firewall1/r55/WhatsNew.pdf says "In Office Mode the option was added to define a WINS and DNS servers per user." on page 4 and 5, but I'll be darned if I can find it in the GUI.
Ray
>From: "Brett, Gary" <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [FW-1] SecureClient - Supporting 2 NT Domains on One firewall >Date: Thu, 6 May 2004 10:25:49 +0100 > >Hi >I have two windows domains each with their own subnet (different ip >addresses) hanging off of different interfaces on a single NG FP3 HF2 >firewall, each of the two domains has its own PDC with WINS and DNS and an >exchange server servicing their own domains clients. They are connected to >the same firewall so that they can share the same internet connection >(connected to a third interface) and i am trying to configure secure client >for the second, new network/domain (the fist one is already running with >office mode). Now everything has been going very smoothly but i have got to >the office mode configuration page in NG and in the optional parameters >section, it asks me to set the WINS and DNS servers (and backups) and also >the domain name !!, now as i stated earlier , these two NT networks have >different domain names. If i configure this page for one network, it works >fine but the other doesnt, and vice versa >Is there anyway i can get this to work or does NG secureclient only support >office mode to one single domain? > > >Thanks and regards >Gary > > >This electronic message contains information from Cetelem UK Credit Ltd >which may be privileged or confidential. The information is intended to be >for the use of the individual(s) or entity named above. If you are not the >intended recipient be aware that any disclosure, copying, distribution or >use of the contents of this information is prohibited. If you have received >this electronic message in error, please notify us by telephone or email >(to >the numbers or address above) immediately. > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >=================================================
_________________________________________________________________ Check out the coupons and bargains on MSN Offers! http://youroffers.msn.com
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= This electronic message contains information from Cetelem UK Credit Ltd which may be privileged or confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately.
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar � get it now! http://toolbar.msn.com/go/onm00200415ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
