Hi all,
I am running Checkpoint Firewall NG AI running on a Sun box (solaris 8).
I've configured VPN for SecuRemote users. Everything is working fine.
We had some problems like some of the SecuRemote users can't browse the
Microsoft workgroup, can't login to windows domain etc. Later I configured
SecuRemote DNS server object and created dnsinfo.C file.
Now most of the users can browse the Microsoft workgroup shares and
can login to some of our windows servers using \\192.168.1.11\share name.
But 2 users have cable modems at home. Their PC IP address is 192.168.0.x.
In our company network we have two internal networks (192.168.1.0 and
192.168.6.0). There 2 cable modem users can't access these Microsoft
workgroup shares or \\192.168.1.11\shares.
userC.c on all the SecuRemote client PC's/Laptops have:
:gws (
: (Frontline.proxy
:obj (
: (192.168.1.1)
)
:keymanager (
:type (refobj)
:refname ("#_Frontline")
)
:allowed_interface_ranges (
: (210.x.x.x
:allowed_range (
: (
:type
(machines_range)
:ipaddr_first
(0.0.0.0)
:ipaddr_last
(192.168.0.255)
)
: (
:type
(machines_range)
:ipaddr_first
(192.168.3.0)
:ipaddr_last
(192.168.5.255)
)
: (
:type
(machines_range)
:ipaddr_first
(192.168.7.0)
:ipaddr_last
(210.89.x.x)
)
: (
:type
(machines_range)
:ipaddr_first
(210.89.x.x)
:ipaddr_last
(210.89.x.x)
)
: (
:type (host)
:ipaddr (210.89.x.x)
)
: (
:type
(machines_range)
:ipaddr_first
(210.89.x.x)
:ipaddr_last
(255.255.255.255)
)
)
:is_ext (true)
:is_natted (false)
)
I was wondering if the Firewall is assuming that these two cable modem users
are coming from our Internal Lan and FW is not applying VPN rules for these
2 users.
Could someone please let me know what could be the reason?
Thanks,
Rajesh.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
