Hi Everyone, I am new to Connectra so I would like to learn this product. So I install Connectra gateway NGx on my dual processor Pentium III with 1GB of RAM with a 15 days eval license. Background: My internal network is 192.168.1.0/24. Gateway is 192.168.1.1 My DMZ network is 192.168.15.0/24. Gateway is 192.168.15.1 Both the internal and DMZ network is separated by a Checkpoint NG AI R55w with HFA_04 firewall running on SPLAT. I would like remote access users to be able to connect to my Internal network using Connectra. Therfore, I place a Connectra NGx on my dmz network with IP of 192.168.15.104. The connectra is static NAT by the Checkpoint Secureplatform firewall to a public IP of 129.174.1.8. On the SPLAT firewall, I allow http/https and tcp port 4433 from anywhere to the Connectra. Furthermore, I also allow any services from the connectra to internal network (for testing purposes). This is my objective and questions: 1) I would like to allow remote access users the ability to do terminal services, telnet and ftp once they are authenticated to the Connectra NGx gateway. Is it a simple thing to do? I know how to do this with Cisco vpn concentrator and Juniper ssl vpn device but not connectra. so I went ahead and configure a user group called "corp" and a user "cisco4ng" and put this username into group corp. next, I created a new network applications call TEST and specify the range of my internal network, 192.168.1.0/24 and allowed ALL services to my internal network (again for testing purposes). From the internet, I can connect to the Connectra, but I can not get to any services behind my internal network. I tried remote desktop, telnet and ftp to hosts behind my internal network but no luck. What am I doing wrong here? 2) What is SSL Extender Server? From reading the documentation, it seems like this is an "add-on" from checkpoint but the documentation also states that it is FREE for connectra. Does SSL extender provide native IP network applications? 3) What is SSL Extender clients? Is this some java or ActiveX that the browser download from connectra? 4) Can I operate a Connectra without using a SmartCenter Server? Other getting log to the SmartCenter, what is the SmartCenter good for with Connectra? 5) Can provider-1 NGx R60A manage Connectra? If someone in this forum have used connectra before, please contact me off-line and give me a few pointers. I need to learn this beast in the next two weeks for a job interview. On the surface, it is not that difficult but the devil is in the detail. Furthermore, how is this product compared to Juniper/Netscreen SSL vpn device? TIA my email is cisco at yahoo dot com
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
