It's useful as a reverse proxy SSL termination point if you don't want to SSL enable your web servers. Client --> SSL VPN device (over SSL) --> Web Server (over HTTP). Check out http://www.checkpoint.com/products/downloads/ipsec_whitepaper.pdf for more info.
Rgrds, -ES -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Sascha Picchiantano Sent: Thursday, October 28, 2004 5:20 AM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Clientless VPN Ok thanks. So the plain "clientless VPN" feature is pretty useless unless you license the SSL Network Extender, right? Thanks, Sascha > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of [EMAIL PROTECTED] > Sent: Thursday, October 28, 2004 10:48 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Clientless VPN > > Hi, > > If you use SSL Network Extender you effectively connect > via HTTPS to the gateway. Get prompted for authentication and > then an Activex control is installed (obviously you have to > use IE), the Activex contains a version of the Securemote > MiniPort driver. > At this point you can use this 'SSL' connection to tunnel any > network protocol transparently. > > HTH, > > > Ross. > > Ross Bushby - Senior Security Architect CISSP Real Solutions > Ltd, Unit B&C, Oakcroft Business Centre, Oakcroft > Road,Chessington,Surrey,UK. KT9 1RH. > Tel +44 (0)208 391 4080, Fax: +44 (0)208 391 4081 > > > N O T I C E > This message and any attachments are intended only for the > individual or company to which it is addressed and may > contain information which is privileged, confidential or > prohibited from disclosure or unauthorised use Any form of > dissemination, copying, disclosure, distribution and/or > publication of this e-mail message or its attachments to > third parties is only permitted with the express permission > of the sender. > We cannot accept any liability for any loss or damage > sustained as a result of software viruses. It is your > responsibility to carry out such virus checking as is > necessary before opening any attachment. > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an > email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription > options, email [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
