sankar, check with a sniffer (ethereal) if your vpn-client sends encrypted packets to your firewall. I see three possible things here - the client sends encrypted packets to the fw. check if these packets arrive on your firewall - maybe some filter on the way to your fw drops the packet - the client sends the packet to a wrong interface of your firewall - try disabling if-resolving - the client sends the packets in clear, not encrypted. in this case the client thinks that he is in your lan - check the IPs again.
br reinhard ** My mobile email is powered by Nokia Mobile Email solutions ** ** please 'reply-to-all' when answering... ** > -----Original Message----- > From: Mailing list for discussion of Firewall-1 on behalf of Juan Concepcion > Received: Fri Nov 10 20:05:25 CET 2006 > To: [email protected] > Subject: Re: [FW-1] SecuRemote Connectivity > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Visitor mode is simply a method of changing how Securemote works. There > is no additional licensing necessary for it. It simply changes how the > firewall/client communicate. > > Juan > > P.V.Sankar wrote: > > Hi, > > No, there is no IP Address conflict. I am new to this field.I do not know > > whether my particular license supports Visitor mode/Office mode. When we > > purchased the product my vendor told that VPN-1 Pro license includes > > FireWall- > > 1, VPN-1, FloodGate and SecuRemote. Since Office mode supports only Secure > > Client not SecuRemote, i do not know how to proceed now. > > > > Thanks > > Sankar > > On Fri, 10 Nov 2006 12:56:41 +0100, Reinhard Stich wrote > >> hi, > >> check again if you have an IP conflict with the private IP on your > >> dialup-isp and your encryption domain. try to use visitor-mode to > >> avoid tunneling problems with our client's ISP... > >> > >> br > >> reinhard > >> > >> ** My mobile email is powered by Nokia Mobile Email solutions ** > >> ** please 'reply-to-all' when answering... ** > >> > >>> -----Original Message----- > >>> From: Mailing list for discussion of Firewall-1 on behalf of Mark Williams > >>> Received: Fri Nov 10 13:03:34 CET 2006 > >>> To: [email protected] > >>> Subject: Re: [FW-1] SecuRemote Connectivity > >>> > >>> Do you use Office Mode? > >>> > >>> Mark > >>> > >>> ----- Original Message ----- > >>> From: "P.V.Sankar" <[EMAIL PROTECTED]> > >>> To: <[email protected]> > >>> Sent: Friday, November 10, 2006 9:19 PM > >>> Subject: [FW-1] SecuRemote Connectivity > >>> > >>> > >>>> Hi, > >>>> I have VPN-1 Pro R60 Gateway running on Solaris8, Sun 280R platform. My > >>>> topology is as follows. My Gateway has 3 network interfaces. > >>>> 1st interface faces to internet with routable IP. 2nd interface faces > > to > >>>> our > >>>> DMZ also with routable IP. 3rd interface faces to our internal network > >>>> with > >>>> private IP address(all our internal networks are sitting behind this > >>>> interface). Using SecuRemote client and dial-up connectivity(routable IP > >>>> provided by ISP), I could connect to my Gateway & internal systems. But > >>>> using > >>>> broadband connection(private IP , sitting behind a NAT device), I am > > not > >>>> able > >>>> to connect to my Gateway and internal systems. On my Gateway, i > >>>> implemented > >>>> things like "Support NAT traversal mechanism(UDP > > encapsulation)", "Support > >>>> IKE over TCP" etc. There is no IP Address conflict between my internal > >>>> networks and remote clients. Still i am not able to connect using > >>>> broadband > >>>> connection. > >>>> > >>>> I request you to kindly help me in sorting out this issue. > >>>> > >>>> > >>>> Thanks in advance > >>>> Sankar > >>>> > >>>> > >>>> > >>>> > >>>> -- > >>>> Open WebMail Project (http://openwebmail.org) > >>>> > >>>> ================================================= > >>>> To set vacation, Out-Of-Office, or away messages, > >>>> send an email to [EMAIL PROTECTED] > >>>> in the BODY of the email add: > >>>> set fw-1-mailinglist nomail > >>>> ================================================= > >>>> To unsubscribe from this mailing list, > >>>> please see the instructions at > >>>> http://www.checkpoint.com/services/mailing.html > >>>> ================================================= > >>>> If you have any questions on how to change your > >>>> subscription options, email > >>>> [EMAIL PROTECTED] > >>>> ================================================= > >>> ================================================= > >>> To set vacation, Out-Of-Office, or away messages, > >>> send an email to [EMAIL PROTECTED] > >>> in the BODY of the email add: > >>> set fw-1-mailinglist nomail > >>> ================================================= > >>> To unsubscribe from this mailing list, > >>> please see the instructions at > >>> http://www.checkpoint.com/services/mailing.html > >>> ================================================= > >>> If you have any questions on how to change your > >>> subscription options, email > >>> [EMAIL PROTECTED] > >>> ================================================= > >>> > >>> > >>> > >>> > >> ================================================= > >> To set vacation, Out-Of-Office, or away messages, > >> send an email to [EMAIL PROTECTED] > >> in the BODY of the email add: > >> set fw-1-mailinglist nomail > >> ================================================= > >> To unsubscribe from this mailing list, > >> please see the instructions at > >> http://www.checkpoint.com/services/mailing.html > >> ================================================= > >> If you have any questions on how to change your > >> subscription options, email > >> [EMAIL PROTECTED] > >> ================================================= > > > > > > -- > > Open WebMail Project (http://openwebmail.org) > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.3 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFFVMup5MTluexDZhIRAsYeAKCsmmVhfVpLeuRKV0MOVqo+jrUbxwCfWW8K > dbF991BNvco7MiVDZVKf92w= > =j/eG > -----END PGP SIGNATURE----- > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
