CP guys have always told me Office Mode could ONLY be used with a Secure Client license.
Now, you wrote: "I am using OM with r55 with no license for secureclient on several different machines. This is not supported by CP but it does work. In NGX this also works and is supported by CP." So I guess for R55 is just a licensing thing not being enforced by the software, but do you actually mean that in NGX you CAN in fact use OM with no SC licenses and CP is supporting it? Could it be that OM is no longer exclusive for SC license owners? Regards On 1/17/07, Gary Scott <[EMAIL PROTECTED]> wrote:
I am using OM with r55 with no license for secureclient on several different machines. This is not supported by CP but it does work. In NGX this also works and is supported by CP. A single defined site can have multiple profiles which could contain additional sites; any FW that is exportable for securemote and managed by the same smart center will be pulled when you download the topology from any of the individual sites. You get an OM IP from the first site you connect to, if you connect to any additional sites that are also contained in the topology you will use the real IP of the client going to the additional site(s). As Scott said you can upgrade to NGX where you have the option to use the OM IP you received from the first site you connected to when going to other sites within your toplogy. The other option you have is to connect to each site one at the time, unless there is a need to be connected to multiple's at the same time. If this is the case the follow Scott's recommendation or change the encryption domains or the clients LAN so there is no overlap. -GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Sergio Alvarez Sent: Wednesday, January 17, 2007 12:51 PM To: [email protected] Subject: Re: [FW-1] Secure Remote and Private IP conflict If no Secure Client license is available, you can't in fact use Office Mode, but using IP Pool NAT is a good option and applicable in most cases. Regards On 1/17/07, fwguru <[EMAIL PROTECTED]> wrote: > > Sounds like you have one GW with a VSC license and the other without. You > have no choice but to go with OfficeMode or change the clients' IP address > to something that is not within your internal network range. To get > OfficeMode you will need to get a VSC lic for the other gateway. > > Do you have a path between these two networks behind the firewalls??? > > Regards, > Neil Delacruz > > > On 1/16/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > We use some 172.16 and 192.168 addresses internally, which are often > used > > by ISP routers as well. > > > > When I connect to gateway A, I get an office mode address, and I can > talk > > to internal systems protected by gateway A without any > problems. However, > > > > when I try to talk to systems protected by gateway B, it fails because > the > > client doesn't use the office mode address but the physical address > > supplied by the ISP router, which happens to be 172.16, and routing > fails. > > > > If I change the IP router to supply addresses other than those used > > internally, it works fine. > > > > We are on NG AI R55. > > > > Has anyone else seen this problem and what is the fix? > > > > Thanks. > > > > Huiqi Liu > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > -- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
