You can certainly create a tunnel between the FW-1 and a non-enterprise firewall. We have about 10 VPNs between our datacenter firewall (a super-SPLAT box) and at our sites little $500 Cisco 831s that work perfectly.
--- Chris Covington IT Plus One Health Management 75 Maiden Lane Suite 801 NY, NY 10038 646-312-6269 http://www.plusoneactive.com -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Alan Choyna Sent: Saturday, February 26, 2005 12:04 AM To: [email protected] Subject: Re: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW. Thanks for your response Ray (you have been prolific today). One of the sites runs FW1, but l don't as yet know which version they are running. l have set up tunnels between 2 FW1 firewalls, but am not sure whether l could create a tunnel between FW1 and a non-enterprise (more limited functionality) Firewall? l will get more info on Monday to determine which type of Firewall they are running. Certificates not an option? It's oly 1 server per site l am interested in connecting. Thanks, Alan At 07:13 PM 2/25/2005, you wrote: >This sounds more like a site-to-site activity. Is that possible? You >could limit the source and destination IPs in the rule. > >Ray > >>From: Alan Choyna <[EMAIL PROTECTED]> >>Reply-To: Mailing list for discussion of Firewall-1 >><[email protected]> >>To: [email protected] >>Subject: [FW-1] How to auto-authenticate Win2k and Mac OS10 VPN to FW. >>Date: Fri, 25 Feb 2005 17:42:14 -0600 >> >>We are running SPLAT R55 HFA9 with securemote R56. >> >>We have some Win2k servers that need to push info to a server behind >>our gateway from an affiliate company 24/7 reliably. >> >>We installed Securemote, and the users authenticate via user id and >>password, and have configured securemote to auto authenticate. This is >>not entirely reliable though, and every few days (2-3) securemote asks >>for manual re-authentication. Is this a known problem? >> >>Any suggestions of how to make the auto authentication more reliable? >> >>Would authentication via certificate be more reliable in this manner? >>If so, how do we set it up? >> >>Thanks in advance for any advice or input. >> >>Alan. >> >>================================================= >>To set vacation, Out-Of-Office, or away messages, send an email to >>[EMAIL PROTECTED] >>in the BODY of the email add: >>set fw-1-mailinglist nomail >>================================================= >>To unsubscribe from this mailing list, please see the instructions at >>http://www.checkpoint.com/services/mailing.html >>================================================= >>If you have any questions on how to change your subscription options, >>email [EMAIL PROTECTED] >>================================================= > >================================================= >To set vacation, Out-Of-Office, or away messages, send an email to >[EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your subscription options, >email [EMAIL PROTECTED] >================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
