Ray, are you confusing "Use IP Pool NAT for VPN Clients connections" in the NAT tab of the gateway object with "Office Mode Methode" in the Remote Access - Office Mode tab. With the first you would be right, but the later is just the way the Office Mode addresses are served, IP Pool or DHCP, the methode does not define the visibility! That depends only on wether it's a private or public range and whether Hub mode (route all traffic through gateway) is selected/enabled. Office mode together with hub mode, and a public address give your vpn clients connectivity to your encryption domain and the internet via you FW's en IP range. This way we use it to enable remote users to access resources located at asp's who filter access based on IP-range, in our case scientific journals and article databases.
Dion > -----Oorspronkelijk bericht----- > Van: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] Ray > Verzonden: dinsdag 12 april 2005 0:30 > Aan: [email protected] > Onderwerp: Re: [FW-1] Office Mode IP assignment > > > Hi, > > Are you certain? I understand what you're saying but that > contradicts the > docs. > > Ray > > >From: Dion-ben Hendriks <[EMAIL PROTECTED]> > >Reply-To: Mailing list for discussion of Firewall-1 > ><[email protected]> > >To: [email protected] > >Subject: Re: [FW-1] Office Mode IP assignment > >Date: Mon, 11 Apr 2005 06:54:12 +0200 > > > >-----Oorspronkelijk bericht----- > >Van: Mailing list for discussion of Firewall-1 > >[mailto:[EMAIL PROTECTED] Ray > >Verzonden: zondag 10 april 2005 20:32 > >Aan: [email protected] > >Onderwerp: Re: [FW-1] Office Mode IP assignment > > > > > >[snip %< \] > > > >Whatever IP range you assign as the Office Mode IP Pool is > never exposed on > >the Internet, just internally. > > > >[/snip %<] > > > >If you use 'route all traffic through gateway' or hub-mode > then the office > >mode network is routable to/from the internet, hence visible. > >If you use a private subnet you'll need to nat it to get it to work. > > > >Dion > > > >================================================= > >To set vacation, Out-Of-Office, or away messages, > >send an email to [EMAIL PROTECTED] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your > >subscription options, email > >[EMAIL PROTECTED] > >================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
