In r-56/r-60 this is defined under the site profile. However you should not need to force udp encapsulation unless you are behind a nat device that does not do port translation. The translated port will cause the client to use udp encapsulation without having to force it. Either way the FW needs to support NAT traversal. If you are using the r-60 client I have discovered that with this client terminating into an r-55 FW that has the site defined with the internal interface, topology defined with proper external interface and set to statically resolve interfaces the r-60 client will ignore this and try for the IP defined under the general settings for the FW, internal. You can use dynamic resolving or set the general IP of the FW to the external interface to get the r-60 client to work. The r-55 client will work correctly and setup the tunnel with the defined topology external interface. All this said I have a question that I can not find in any release notes. What backward compatible versions are supported with the r-60 client? Is it r-60 only?
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Scott Chason Sent: Thursday, July 28, 2005 1:46 PM To: [email protected] Subject: Re: [FW-1] Using SecureClient through Linksys Firewall I don't see that optoin on the SecureClient . Do you know what version you are using? Scott At 01:09 PM 7/28/2005, you wrote: >Yes, but you must make sure that you have UDP encapsulation enabled in >Secureclient, otherwise NAT will 'break' the IPSEC packet. > >Ross Bushby - Senior Security Architect CISSP >REAL Solutions Ltd, Unit B&C, Oakcroft Business Centre, Oakcroft >Road,Chessington,Surrey,UK. KT9 1RH. >Tel +44 (0)208 391 4080, Fax: +44 (0)208 391 4081 > > > N O T I C E >This message and any attachments are intended only for the individual or >company to which it is addressed and may contain information which is >privileged, confidential or prohibited from disclosure or unauthorised use >Any form of dissemination, copying, disclosure, distribution and/or >publication of this e-mail message or its attachments to third parties is >only permitted with the express permission of the sender. >We cannot accept any liability for any loss or damage sustained as a >result of software viruses. It is your responsibility to carry out such >virus checking as is necessary before opening any attachment. > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= ************************************************************************ * Securities Products and Services Are Offered By Ferris, Baker Watts, Inc. Member SIPC And NYSE, Inc. Ferris, Baker Watts, Inc. DOES NOT ACCEPT ORDERS AND/OR INSTRUCTIONS REGARDING YOUR ACCOUNT BY EMAIL. Any orders or transactional requests will not be processed until FBW can confirm your instructions or obtain appropriate written documentation where necessary. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you received this in error, please contact the sender and delete the material from your computer. ************************************************************************ * ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
