I'm using SecuRemote R54 with the NG AI R54 Firewall-1/VPN-1. The VPN is
currently a Traditional mode configuration from a migration. I'm not using
the Policy Server so that wouldn't be the problem.
"David S. Barker"
<[EMAIL PROTECTED]
P.COM> To
Sent by: Mailing [EMAIL PROTECTED]
list for INT.COM
discussion of cc
Firewall-1
<FW-1-MAILINGLIST Subject
@AMADEUS.US.CHECK Re: [FW-1] SecuRemote on Internal
POINT.COM> Network
10/12/2005 06:40
PM
Please respond to
Mailing list for
discussion of
Firewall-1
<FW-1-MAILINGLIST
@AMADEUS.US.CHECK
POINT.COM>
John,
What version of Secure Client are you using? Do you have a desktop policy
that could be blocking this? This property shouldn't be affected by your
encryption domain, only that you have the box checked or not.
David S. Barker
Senior Security Engineer
Compuquip Technologies
Phone: 305.436.7272 X 1364
Fax: 305.436.9149
mailto://[EMAIL PROTECTED]
8399 NW 30th Terr, Miami, Fl 33122
Compuquip TECHNOLOGIES
"Providing Solutions Since 1980"
________________________________
From: Mailing list for discussion of Firewall-1 on behalf of John Lindblom
Sent: Wed 10/12/2005 10:06 AM
To: [email protected]
Subject: Re: [FW-1] SecuRemote on Internal Network
The property is set to false and a Site Update doesn't change it, It still
doesn't work if we manually change it. Do we need the internal network in
the ENC_DOMAIN for this to work or is this setting suppose to work without?
"David S. Barker"
<[EMAIL PROTECTED]
P.COM> To
Sent by: Mailing [EMAIL PROTECTED]
list for INT.COM
discussion of cc
Firewall-1
<FW-1-MAILINGLIST Subject
@AMADEUS.US.CHECK Re: [FW-1] SecuRemote on Internal
POINT.COM> Network
10/10/2005 08:48
PM
Please respond to
Mailing list for
discussion of
Firewall-1
<FW-1-MAILINGLIST
@AMADEUS.US.CHECK
POINT.COM>
John,
Verify that your userc.C in the c:\program files\Securemote\database
directory has the following property set
:allow_clear_in_enc_domain (true)
If it does not, verify that if the client performs an update site that the
property updates.
David S. Barker
Senior Security Engineer
Compuquip Technologies
Phone: 305.436.7272 X 1364
Fax: 305.436.9149
mailto://[EMAIL PROTECTED]
8399 NW 30th Terr, Miami, Fl 33122
Compuquip TECHNOLOGIES
"Providing Solutions Since 1980"
-----Original Message-----
From: Mailing list for discussion of Firewall-1 on behalf of John Lindblom
Sent: Mon 10/10/2005 9:01 AM
To: [email protected]
Subject: Re: [FW-1] SecuRemote on Internal Network
It's all ready set to "Sent in Clear". Do I still need the internal
network in the encryption domain with this setting?
This is a Traditional VPN Configuration not the NG Simplified
Configuration, would that make the difference. If this is the problem, are
there any DOCS available for a migration to the Simplified mode.
John
Mailing list for discussion of Firewall-1
<[email protected]> wrote on 10/09/2005 10:10:21
PM:
> John,
>
> There are two ways to fix this, one is to make sure that every network
> that they could be coming from internally is in your encryption domain.
> SecuRemote/SecureClient by default will not drop traffic for inside
> encryption domain objects while disconnected, if it realizes that it's
> inside the encryption domain.
> or
> The Easy way
> You need to change the global property for Remote Access, VPN-Advanced
> for SecuRemote/SecureClient behavior while disconnected to When
> disconnected, traffic to the encyrption domain will be Sent in clear.
> Prior to NGX the default was Dropped.
>
>
> Compuquip TECHNOLOGIES
> "Providing Solutions Since 1980"
>
> David Barker
> Senior Security Engineer
> Internet Security Division
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
