I think it's called "Dynamic interface resolving" in the GUI and mine was
set to "static interface resolving" by default. SecureClient tries to locate
the gateway by sending these RDP packets (unfortunately, RDP is the same
name as what Microsoft calls Remote Desktop Protocol so I always get them
confused in the logs).
Otherwise it tries to find the firewall solely by its downloaded topology.
Ray
From: Neil Kemp <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<[email protected]>
To: [email protected]
Subject: Re: [FW-1] SecureClient and IP Addressing
Date: Tue, 6 Jun 2006 07:53:25 +0100
Thanks for that. Not heard of RDP probing before -could you either point me
towards some resources for this - or explain how to do it ?
Thanks.
On 05/06/06, Ray <[EMAIL PROTECTED]> wrote:
Since you have SecureClient, you're OK to use Office Mode. Set up Office
Mode an use RDP probing to find the remote gateway as well as an NGX
version
of SecureClient and all should be well.
Obviously you're better off re-IP'ing the LAN because you'll have the same
issue if you try to set up a site-to-site with someone who also took the
defaults for the LAN addressing scheme.
Ray
>From: Neil Kemp <[EMAIL PROTECTED]>
>Reply-To: Mailing list for discussion of Firewall-1
><[email protected]>
>To: [email protected]
>Subject: [FW-1] SecureClient and IP Addressing
>Date: Mon, 5 Jun 2006 20:38:40 +0100
>
>Afternoon all.
>
>I have a customer who has an internal network of 192.168.1.x. Their
>SecureClients come in and connect to the Firewall, and are assigned an
IP
>address from a pool on a 172.24 network.
>
>This works fine right up until the point the remote network has the same
IP
>subnet as the internal Lan, then communication with the Firewall fails.
>
>Running NG R60 on IPSO 3.9
>
>Any suggestions welcome.
>
>Thanks
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to [EMAIL PROTECTED]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[EMAIL PROTECTED]
>=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
